Log analysis and evaluation: Windows 7, OpenCandy.Gen detections in safe mode
Windows 7: If you have picked up a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
28.01.2017, 12:45 | #1 |
Hello, since Avira could no longer be started or updated, I ran a scan in safe mode, which turned up 2 current OpenCandy.Gen detections. After that, thanks to your great guide http://www.trojaner-board.de/147258-...entfernen.html, I tried to get rid of the problem. However, the ESET OnlineCleaner still found something: Code:
C:\AdwCleaner\quarantine\files\ggoppqrpfeabtekltzlalztmxkjtjgqk\DVDVideoSoftTB.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Program Files\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe Variante von Win32/Hao123.A eventuell unerwünschte Anwendung
C:\Users\Kornelia\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\stub_data\stubinst_pkg_de.cab Variante von Win32/RealNetworks.A eventuell unerwünschte Anwendung
C:\Users\Kornelia\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe Variante von Win32/AdkDLLWrapper.A eventuell unerwünschte Anwendung
C:\Users\Kornelia\Downloads\Format_Factory260DE.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
C:\Users\Kornelia\Downloads\freeyoutubetomp3converter31126.exe.vir Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
E:\SICHERUNG VON EXTERN\EIGENE DOKUMENTE\AppData\Local\Mozilla\Firefox\Profiles\20811wxw.default\Cache\860C184Ed01 Win32/SoftonicDownloader.A eventuell unerwünschte Anwendung
E:\SICHERUNG VON EXTERN\EIGENE DOKUMENTE\AppData\Local\Mozilla\Firefox\Profiles\20811wxw.default\Cache\C1F9F939d01 Win32/SoftonicDownloader.A eventuell unerwünschte Anwendung
I:\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
I:\Program Files\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y eventuell unerwünschte Anwendung
I:\Users\Kornelia\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx Variante von Win32/Toolbar.Conduit.AL eventuell unerwünschte Anwendung
I:\Users\Kornelia\AppData\Local\uTorrentBar_DE\ldrtbuTor.dll Variante von Win32/Toolbar.Conduit.P eventuell unerwünschte Anwendung
I:\Users\Kornelia\AppData\Local\uTorrentBar_DE\tbuTor.dll Variante von Win32/Toolbar.Conduit.P eventuell unerwünschte Anwendung
I:\Users\Kornelia\Downloads\Format_Factory260DE.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
I:\Users\Kornelia\Downloads\Heidi\FreeYouTubeToMP3Converter31126.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 137.zip Variante von Win32/Hao123.A eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 3.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 4.zip Win32/Toolbar.Conduit.Y eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 42.zip Variante von Win32/Toolbar.Conduit.AL eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 49.zip Variante von Win32/Toolbar.Conduit.P eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 50.zip Variante von Win32/AdkDLLWrapper.A eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 52.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 53.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2015-08-26 200049\Backup Files 2015-08-26 200049\Backup files 7.zip Variante von Win32/Hao123.A eventuell unerwünschte Anwendung
M:\KORNELIA-PC\Backup Set 2016-10-24 123618\Backup Files 2016-10-24 123618\Backup files 4.zip Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung
M:\SICHERUNG VON EXTERN\DATENSICHERUNG HANDY\Handykarte 20161612\Wechseldatenträger\rerware\MyBackup\AllAppsBackups\AppsMedia_2014_02_19\Apps\zsj.android.uninstall_328.apk Variante von Android/AdDisplay.AppFlood.A eventuell unerwünschte Anwendung
M:\SICHERUNG VON EXTERN\EIGENE DOKUMENTE\AppData\Local\Mozilla\Firefox\Profiles\20811wxw.default\Cache\860C184Ed01 Win32/SoftonicDownloader.A eventuell unerwünschte Anwendung
M:\SICHERUNG VON EXTERN\EIGENE DOKUMENTE\AppData\Local\Mozilla\Firefox\Profiles\20811wxw.default\Cache\C1F9F939d01 Win32/SoftonicDownloader.A eventuell unerwünschte Anwendung
Kind regards, Konni |
28.01.2017, 12:49 | #2 | |
/// TB trainer | My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags. How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! To begin with, the following: Quote:
Please post the log files from AdwCleaner and MBAM. For the initial analysis, please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to your desktop
Please post with your next reply
28.01.2017, 14:12 | #3 |
Hello Matthias,
thank you very much for your help. After the scan marathon I was tired and probably didn't read properly ... I will simply delete everything that is on M completely. FRST.txt Code:

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-28 01:39 - 2017-01-28 01:39 - 00263328 _____ C:\Users\Kornelia\Desktop\malwarebytes.txt
2017-01-27 23:56 - 2017-01-28 13:04 - 00000000 ____D C:\FRST
2017-01-27 16:27 - 2017-01-27 16:27 - 02870984 _____ (ESET) C:\Users\Kornelia\Desktop\esetsmartinstaller_deu.exe
2017-01-27 16:20 - 2017-01-27 16:20 - 00001898 _____ C:\Users\Kornelia\Desktop\sc-cleaner.txt
2017-01-27 16:12 - 2017-01-27 16:12 - 00015596 _____ C:\Users\Kornelia\Desktop\JRT.txt
2017-01-27 15:27 - 2017-01-27 15:41 - 00000000 ____D C:\AdwCleaner
2017-01-27 14:42 - 2017-01-27 14:42 - 00000000 ____D C:\Users\Kornelia\AppData\Local\AviraSpeedup
2017-01-27 14:35 - 2017-01-27 14:35 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Avira
2017-01-27 13:56 - 2017-01-28 12:39 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-27 13:56 - 2017-01-28 12:30 - 00094656 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-27 13:56 - 2017-01-27 13:56 - 00152512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-27 13:55 - 2017-01-28 12:30 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-27 13:55 - 2017-01-28 12:28 - 00219584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-27 13:55 - 2017-01-27 13:55 - 00002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-27 13:55 - 2017-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-27 13:55 - 2017-01-20 07:47 - 00059976 _____ C:\Windows\system32\Drivers\mbae.sys
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-27 00:03 - 2017-01-27 00:04 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2017-01-26 22:47 - 2017-01-26 22:47 - 00001134 _____ C:\Users\Kornelia\Desktop\Avira Antivirus starten.lnk
2017-01-26 21:06 - 2017-01-26 21:06 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_588a51b66deb0__ws.exe
2017-01-26 19:57 - 2017-01-26 19:57 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Avira
2017-01-26 17:28 - 2017-01-26 17:28 - 00000000 ____D C:\Users\Kornelia\Downloads\Notfall DVD 7.0 Free
2017-01-26 16:35 - 2017-01-26 17:04 - 1276319704 _____ C:\Users\Kornelia\Downloads\Notfall_DVD_7.0_Free.zip
2017-01-26 13:57 - 2017-01-26 13:57 - 00001101 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-26 13:57 - 2017-01-26 13:57 - 00000998 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-26 13:56 - 2017-01-28 12:33 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-26 13:52 - 2017-01-26 13:52 - 00001166 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-26 13:43 - 2017-01-26 13:49 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_5889ec8b9e38c__ws.exe
2017-01-24 23:24 - 2017-01-24 23:24 - 00000936 _____ C:\Users\Kornelia\Desktop\duplicate.txt
2017-01-19 19:22 - 2017-01-19 21:20 - 00000000 ____D C:\Users\Kornelia\Desktop\Rekla Herd
2017-01-12 23:57 - 2017-01-12 23:58 - 00000000 ____D C:\Users\Kornelia\Desktop\SCHULE
2017-01-11 13:22 - 2017-01-05 18:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 13:22 - 2017-01-05 18:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 13:22 - 2017-01-05 18:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 13:22 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 13:22 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 13:22 - 2017-01-05 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 16:32 - 2017-01-25 00:18 - 00040346 _____ C:\Users\Kornelia\Desktop\Dateiliste.xlsx
2017-01-08 21:33 - 2017-01-08 21:33 - 00000000 ____D C:\Users\Kornelia\AppData\Local\CEF
2017-01-07 22:31 - 2017-01-07 22:31 - 00002075 _____ C:\Users\Kornelia\Desktop\JDownloader 2.lnk
2017-01-07 22:31 - 2017-01-07 22:31 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-01-07 22:27 - 2017-01-27 15:13 - 00000000 ____D C:\Users\Kornelia\AppData\Local\JDownloader 2.0
2017-01-07 22:23 - 2017-01-07 22:23 - 00076504 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\WebInstaller.exe
2017-01-07 19:32 - 2017-01-28 13:03 - 00000000 ____D C:\Users\Kornelia\AppData\LocalLow\Mozilla
2017-01-07 19:20 - 2017-01-07 19:20 - 00243720 _____ C:\Users\Kornelia\Downloads\Firefox Setup Stub 50.1.0.exe
2017-01-07 17:29 - 2017-01-24 23:13 - 00000000 ____D C:\Users\Kornelia\Downloads\Downloader
2017-01-07 17:21 - 2017-01-07 17:23 - 26539720 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\JDownloaderSetup.exe
2017-01-07 16:50 - 2017-01-07 16:50 - 00000000 ____D C:\Users\Kornelia\Downloads\Info

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-28 13:04 - 2015-09-16 17:12 - 00000000 ____D C:\Users\Kornelia\Desktop\Neuer Ordner (2)
2017-01-28 12:55 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-28 12:55 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-28 12:43 - 2010-03-26 02:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-28 12:32 - 2013-03-01 15:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-28 12:28 - 2011-07-05 09:31 - 00000000 ____D C:\Users\Kornelia
2017-01-28 12:28 - 2010-03-25 21:41 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-01-28 12:27 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-28 01:23 - 2013-06-11 21:18 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job
2017-01-27 22:23 - 2013-06-11 21:18 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job
2017-01-27 15:43 - 2016-03-27 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-27 15:43 - 2012-04-30 09:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-27 15:40 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2017-01-27 15:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2017-01-27 15:13 - 2011-11-01 11:13 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Vidalia
2017-01-27 15:13 - 2011-07-05 10:25 - 00000000 ____D C:\Windows\Panther
2017-01-27 15:13 - 2011-04-13 13:21 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\skypePM
2017-01-27 15:12 - 2010-10-31 18:18 - 00000000 ___RD C:\Users\Kornelia\Desktop\Tabea Spiele
2017-01-27 15:12 - 2007-10-12 08:47 - 00000000 ____D C:\Program Files\DivX
2017-01-27 14:43 - 2011-07-05 10:27 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-27 14:43 - 2009-07-14 09:47 - 00702942 _____ C:\Windows\system32\perfh007.dat
2017-01-27 14:43 - 2009-07-14 09:47 - 00150582 _____ C:\Windows\system32\perfc007.dat
2017-01-27 14:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-01-27 00:05 - 2010-12-16 14:57 - 00000000 ____D C:\Program Files\GMX
2017-01-26 23:52 - 2011-09-30 10:13 - 00000000 ____D C:\Users\Public\Documents\Tivola_prefs
2017-01-26 23:52 - 2011-02-23 18:14 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\Program Files\Amazon
2017-01-26 23:52 - 2010-03-10 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola
2017-01-26 23:48 - 2011-03-09 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:41 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\DVDVideoSoft
2017-01-26 23:43 - 2016-10-23 15:39 - 00150152 _____ C:\Windows\ntbtlog.txt
2017-01-26 17:26 - 2016-10-24 10:00 - 00120432 _____ C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-26 16:28 - 2016-10-21 23:01 - 00428280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 13:57 - 2016-10-21 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-26 13:57 - 2012-12-22 20:23 - 00000000 ____D C:\Program Files\Avira
2017-01-26 13:57 - 2012-05-20 11:07 - 00000000 ____D C:\ProgramData\Avira
2017-01-26 13:52 - 2015-11-28 11:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 13:30 - 2011-04-05 15:08 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-01-25 13:21 - 2012-02-26 18:45 - 00000000 ____D C:\Users\Kornelia\Downloads\Heidi
2017-01-24 23:47 - 2011-04-05 14:45 - 00000000 ____D C:\ProgramData\Norton
2017-01-23 15:51 - 2012-01-17 15:04 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Microsoft Help
2017-01-23 12:32 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-22 00:11 - 2016-08-14 14:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 21:19 - 2010-04-01 21:23 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\COREL
2017-01-19 21:13 - 2010-04-29 21:48 - 00000000 ____D C:\Users\Kornelia\Documents\My PSP Files
2017-01-19 21:13 - 2010-04-22 22:31 - 00001786 ___SH C:\Windows\system32\KGyGaAvL.sys
2017-01-11 23:30 - 2013-09-01 10:47 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 23:19 - 2011-08-09 13:50 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-10 19:31 - 2012-05-27 00:08 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-01-10 19:31 - 2011-09-06 09:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-01-10 19:31 - 2010-03-13 11:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-08 21:33 - 2010-03-12 09:41 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Adobe
2017-01-07 19:31 - 2011-10-05 01:27 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-07 19:31 - 2010-03-06 17:48 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-29 23:30 - 2013-09-30 16:38 - 00000000 ____D C:\Users\Kornelia\Documents\Calibre-Bibliothek

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2010-10-22 14:05 - 2010-10-22 14:46 - 0000388 _____ () C:\Users\Kornelia\AppData\Roaming\burnaware.ini
2013-12-18 23:02 - 2013-12-19 00:05 - 0000679 _____ () C:\Users\Kornelia\AppData\Local\cookies.ini
2011-08-17 17:39 - 2015-07-28 17:08 - 0008192 _____ () C:\Users\Kornelia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-26 18:23 - 2011-07-26 18:23 - 0000000 _____ () C:\Users\Kornelia\AppData\Local\{38D64D27-A406-4959-8E9F-79A45D04043C}

==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2011-07-05 09:26
==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 28-01-2017 01
durchgeführt von Kornelia (28-01-2017 13:08:23)
Gestartet von C:\Users\Kornelia\Desktop\Neuer Ordner (2)
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-05 09:33:53)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1736235967-2657770174-236075978-500 - Administrator - Disabled)
Gast (S-1-5-21-1736235967-2657770174-236075978-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1736235967-2657770174-236075978-1005 - Limited - Enabled)
Konni (S-1-5-21-1736235967-2657770174-236075978-1003 - Administrator - Enabled) => C:\Users\Konni
Kornelia (S-1-5-21-1736235967-2657770174-236075978-1001 - Administrator - Enabled) => C:\Users\Kornelia
Tabea (S-1-5-21-1736235967-2657770174-236075978-1002 - Limited - Enabled) => C:\Users\Tabea
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Aladins Wunderlampe (HKLM\...\Aladins Wunderlampe_is1) (Version: - ) Alamandi (HKLM\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH) Amazon Music (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Annabel (HKLM\...\Annabel) (Version: 1.0.0.0 - INTENIUM GmbH) ATI Catalyst Install Manager (HKLM\...\{CC516453-9703-ABF9-201F-58A5EC567292}) (Version: 3.0.642.0 - ATI Technologies, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.4.3.30556 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 3.1.1.4250 - Avira Operations GmbH & Co. 
KG) Azada ™: Ancient Magic (HKLM\...\BFG-Azada - Ancient Magic) (Version: - ) Azada: In Libro (HKLM\...\BFG-Azada - In Libro) (Version: - ) Azteca (HKLM\...\Azteca) (Version: 1.0.0.0 - INTENIUM GmbH) Beetle Ju 2 (HKLM\...\Beetle Ju 2) (Version: 1.0.0.0 - INTENIUM GmbH) Bengal (HKLM\...\Bengal) (Version: 1.0.1.0 - INTENIUM GmbH) Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 2.0.0.28 - ) Botanica - Reise ins Unbekannte (HKLM\...\BFG-Botanica - Reise ins Unbekannte) (Version: - ) calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal) ccc-core-static (Version: 2007.0821.2146.36991 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Chinese Checkers (HKLM\...\40-com.novelgames.flashgames.checkers) (Version: 1.8.0 - Novel Games Limited) Chinese Checkers (Version: 1.8.0 - Novel Games Limited) Hidden Corel Paint Shop Pro Photo XI (HKLM\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.20.0000 - Corel Corporation) Corel Snapfire DVD Maker (HKLM\...\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}) (Version: 1.20.0000 - Corel Corporation) Corel Snapfire Plus (HKLM\...\{7ADE3A47-B425-45E9-8FF6-11BE2B775645}) (Version: 1.201.0000 - Corel Corporation) CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.) 
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Da Vincis Perlen Puzzle (HKLM\...\Da Vincis Perlen Puzzle) (Version: - ) Das Reich des Drachen (HKLM\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH) Das Vermächtnis - Der Baum des Lebens (1.00) (HKLM\...\Das Vermächtnis - Der Baum des Lebens_is1) (Version: - City Interactive) Der Perfekte Weihnachtsbaum (HKLM\...\Der Perfekte Weihnachtsbaum) (Version: 1.0.0.0 - INTENIUM GmbH) DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH) Diamantenfee 2 (HKLM\...\Diamantenfee 2) (Version: 1.0.0.0 - INTENIUM GmbH) Diamond Drop 2 (HKLM\...\Diamond Drop 2) (Version: 1.0.0.0 - INTENIUM GmbH) DIE GEHEIMNISSE DER SPIDERWICKS (HKLM\...\{DFA723CE-22B4-4E6B-92CF-176256ECF2DE}) (Version: 1.00.0000 - Sierra Entertainment) Die Kluge Eule (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Die Kluge Eule) (Version: - ) Die Wiege Olympias 2 (HKLM\...\Die Wiege Olympias 2) (Version: 1.0.0.0 - INTENIUM GmbH) DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC) Drawn: ® Flucht aus der Dunkelheit (HKLM\...\BFG-Drawn - Flucht aus der Dunkelheit) (Version: - ) Drawn: Der Turm ™ (HKLM\...\BFG-Drawn - Der Turm) (Version: - ) Dream Chronicles (HKLM\...\Dream Chronicles) (Version: - PlayFirst, Inc.) Dream Chronicles ™ 2: The Eternal Maze (HKLM\...\BFG-Dream Chronicles 2 - The Eternal Maze) (Version: - ) DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version: - ) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) 
Emil und Pauline Auf dem Land (remove only) (HKLM\...\Emil und Pauline Auf dem Land) (Version: - ) Emil und Pauline In der Stadt (remove only) (HKLM\...\Emil und Pauline In der Stadt) (Version: - ) Enigmatis - Vermisst in Maple Creek (HKLM\...\Enigmatis - Vermisst in Maple Creek_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Ewige Reise - Das neue Atlantis (HKLM\...\Ewige Reise - Das neue Atlantis) (Version: - ) Fabled Legends: Die Ruckkehr des Rattenfangers (HKLM\...\BFG-Fabled Legends - Die Rueckkehr des Rattenfaengers) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FarmFrenzy (HKLM\...\FarmFrenzy) (Version: - ) Finstere Liebschaft - Immortal Lovers (HKLM\...\Finstere Liebschaft - Immortal Lovers) (Version: - ) foobar2000 v1.0.3 (HKLM\...\foobar2000) (Version: 1.0.3 - Peter Pawlowski) Forest Legends - Der Ruf der Liebe (HKLM\...\Forest Legends - Der Ruf der Liebe) (Version: - ) FormatFactory 3.5.0.0 (HKLM\...\FormatFactory) (Version: 3.5.0.0 - Format Factory) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.0.320 - DVDVideoSoft Ltd.) Galileo Family Quiz - Spezial II (HKLM\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia) Geheimakte 2 - Puritas Cordis (HKLM\...\{BE7347AD-2D93-4A74-8DBF-C1B073DAE509}) (Version: 1.00.0000 - Deep Silver) Geheime Fälle: Die gestohlene Venus (HKLM\...\Geheime Fälle: Die gestohlene Venus) (Version: 1.0.0.0 - INTENIUM GmbH) Geheimnis von Montezuma 2 (HKLM\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH) GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG) GMX SMS-Manager (Version: 2.7.2 - 1 und 1 Internet AG) Hidden Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) 
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Gravely Silent: Haus des Schreckens (HKLM\...\BFG-Gravely Silent - Haus des Schreckens) (Version: - ) Haunted Manor: Der Herr der Spiegel (HKLM\...\BFG-Haunted Manor - Der Herr der Spiegel) (Version: - ) Hauppauge MCE XP/Vista Software Encoder (2.0.25102) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25102 - Hauppauge Computer Works, Inc.) Heroes of Hellas (HKLM\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills) Hexentanz und Firlefanz (HKLM\...\Hexentanz und Firlefanz) (Version: - ) Hidden Expedition ® : Bermudadreieck (HKLM\...\BFG-Hidden Expedition - Bermudadreieck) (Version: - ) Hidden Mysteries Salem Secrets (HKLM\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - astrogon Software) Hidden Mysteries Vampire Secrets (HKLM\...\Hidden Mysteries Vampire Secrets) (Version: 1.0 - astragon Software) Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JetBee FREE 5.1.2 (build 456) (HKLM\...\JetBee_is1) (Version: - ) Jewel Puzzle (HKLM\...\Jewel Puzzle) (Version: 1.0.0.0 - INTENIUM GmbH) Kleiner Eisbär 2 (HKLM\...\Kleiner Eisbär 2) (Version: - ) Kuros (HKLM\...\Kuros) (Version: 1.0.0.0 - INTENIUM GmbH) Lauras Stern (HKLM\...\Lauras Stern) (Version: - ) Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service) LightScribe System Software 1.17.90.1 (HKLM\...\{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}) (Version: 1.17.90.1 - LightScribe) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) 
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Manic Digger (HKLM\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Midnight Mysteries Salem Witch Trials (HKLM\...\Midnight Mysteries Salem Witch Trials) (Version: 1.1.0.0 - MumboJumbo) Mozilla Firefox 51.0.1 (x86 de) (HKLM\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery Case Files®: Dire Grove™ (HKLM\...\BFG-Mystery Case Files - Dire Grove) (Version: - ) Mystery Case Files: Madame Fate ® (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst Handbuch ™ (HKLM\...\BFG-Mystery Case Files - Rueckkehr nach Ravenhearst Handbuch) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst ™ (HKLM\...\BFG-Mystery Case 
Files - Rueckkehr nach Ravenhearst) (Version: - ) Mystery Case Files: Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Ravenhearst) (Version: - ) Mystery of Cleopatra (HKLM\...\Mystery of Cleopatra 1.0) (Version: 1.0 - Rondo Media) Mystery Places - Das Geheimnis der Geistervilla (HKLM\...\Mystery Places - Das Geheimnis der Geistervilla_is1) (Version: - ) Mystery Tales - Insel der Träume (HKLM\...\{2C0AC9A4-3FA8-4B71-848E-9BB9D492BC2E}_is1) (Version: - cerasus.media GmbH) Mystery Trackers: Raincliff (HKLM\...\BFG-Mystery Trackers - Raincliff) (Version: - ) Natalie Brooks (HKLM\...\Natalie Brooks) (Version: - ) Nero 7 Essentials (HKLM\...\{0DE739CA-9487-4E3E-8511-92EAF01F1031}) (Version: 7.03.0274 - Nero AG) Nightfall Mysteries - Die Ashburg Verschwörung (HKLM\...\Nightfall Mysteries - Die Ashburg Verschwörung_is1) (Version: - rondomedia) Pahelika: Secret Legends (HKLM\...\Pahelika: Secret Legends) (Version: - The Games Company Worldwide GmbH) Paragon Hard Disk Manager 2008 Professional (HKLM\...\{E9E4BB29-FA98-401B-9EDE-9906906E33DE}) (Version: - Paragon Software Group) PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polipo 1.0.4.1 (HKLM\...\Polipo) (Version: - ) Prinzessin Isabella (HKLM\...\Prinzessin Isabella) (Version: 1.0.0.0 - INTENIUM GmbH) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) ProtectDisc Helper Driver 10 (HKLM\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - ) Radiotracker (HKLM\...\{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}) (Version: 6.2.13700.0 - RapidSolution Software AG) ratDVD 0.78.1444 (HKLM\...\ratDVD) (Version: 0.78.1444 - ratDVD) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) RealDownloader (Version: 18.1.2.176 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks) Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Rooms - Die Villa 1.0d (HKLM\...\Rooms - Die Villa) (Version: 1.0d - Halycon Media) Samantha Swift and the Mystery From Atlantis (HKLM\...\Samantha Swift and the Mystery From Atlantis) (Version: 1.1.0.0 - MumboJumbo) Sandra Fleming Chronicles – Crystal Skulls (HKLM\...\Sandra Fleming Chronicles – Crystal Skulls) (Version: 1.0.0.0 - INTENIUM GmbH) Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Simajo (HKLM\...\Simajo) (Version: - ) Skins (Version: 2007.0821.2146.36991 - ATI) Hidden Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB) Sony PC Companion 2.10.188 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony) Spirits of Mystery: Dunkler Fluch (HKLM\...\BFG-Spirits of Mystery - Dunkler Fluch) (Version: - ) Spur der Träume (HKLM\...\Spur der Träume) (Version: 1.0.0.0 - INTENIUM GmbH) Sweet Home 3D version 3.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Enchanted Kingdom: Elisa’s Adventure (HKLM\...\The Enchanted Kingdom: Elisa’s Adventure) (Version: 1.0.0.0 - INTENIUM GmbH) The Fall Trilogy (HKLM\...\The Fall Trilogy_is1) (Version: - Morphicon) The Fall Trilogy Chapter 2 (HKLM\...\The Fall Trilogy Chapter 2_is1) (Version: - Morphicon) The Night of the Rabbit (HKLM\...\The Night of the Rabbit) (Version: 1.0 - Daedalic Entertainment) The Sultans Labyrinth: Das Opfer des Königs (HKLM\...\BFG-The Sultans Labyrinth - Das Opfer des Koenigs) (Version: - ) <==== ACHTUNG Tor 0.2.2.35 (HKLM\...\Tor) (Version: - ) TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trödelschätze (HKLM\...\{AC368309-A247-42C0-9AAF-ABB2E067B79C}) (Version: 1.00.0000 - Valusoft) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden Turtix (HKLM\...\Turtix) (Version: - ) Turtix 2 (HKLM\...\Turtix 2) (Version: - ) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Vernaeht und zugeflixt! Was stimmt denn hier nicht? (HKLM\...\Vernaeht und zugeflixt! Was stimmt denn hier nicht?) (Version: - ) Vidalia 0.2.15 (HKLM\...\Vidalia) (Version: - ) Video Downloader (Version: 1.2.0 - RealNetworks) Hidden Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.6.4 - Shark007) VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) Wieso? Weshalb? Warum? - Unser Körper (HKLM\...\com.rd.www.desktop.DesktopBody) (Version: 1.0.0 - Ravensburger Digital GmbH) Wieso? Weshalb? Warum? 
- Unser Körper (Version: 1.0.0 - Ravensburger Digital GmbH) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WordPerfect Office X3 (HKLM\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation) WordPerfect Office X3 (Version: 13.3 - Corel Corporation) Hidden World Voyage (HKLM\...\World Voyage) (Version: 1.0.0.0 - INTENIUM GmbH) XMedia Recode 2.3.0.4 (HKLM\...\XMedia Recode) (Version: 2.3.0.4 - Sebastian Dörfler) XMind 2013 (v3.4.1) (HKLM\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.) Zuma's Revenge! (HKLM\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) 
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad CustomCLSID: 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> kein Dateipfad ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {032A98DE-A547-4FB1-97B4-777E85FCE80F} - System32\Tasks\{51ECF608-A47D-464B-892E-9A3067C4CA0E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {04338029-ABEF-4DB2-A56D-FF0641970A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {08FA19ED-87A2-4BE4-B4F6-1170192766D0} - System32\Tasks\{1D76B916-65CA-47A7-9DD1-C614C8F74E56} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {0922A476-D472-4C6B-AF0D-283C447FF4F0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {248BA49A-31FC-4CBC-AC12-0AD50B3730CD} - System32\Tasks\{2D2CF1E0-A39F-4435-B084-62C323AD4F56} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {262EF14E-2D04-4238-8DD2-2B9AFBBAEC1F} - System32\Tasks\{D62DA859-B3A5-4A8C-8643-BC908C434082} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {2B93871E-90A6-4BD6-B5B2-2B2CCE5A5740} - System32\Tasks\{C791566E-54A6-4DAF-8C0F-0153AA08A504} => pcalua.exe -a D:\Software\Nero\setupx.exe -d D:\Software\Nero Task: {2D4FEC81-5640-445A-97C1-A780D1FD2CD8} - System32\Tasks\{3D22388D-753E-494E-8F61-D351F8E67C68} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {34B169BF-29C1-4D9E-ABAD-DD33D6A48488} - System32\Tasks\{AA3E9FEA-EE1C-4BD0-A6EE-0AB550AE278F} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {3C30CE7A-A21F-4478-8DFD-AB4484B05538} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated) Task: {3F4F5314-363F-4D5F-AD46-3C6D3EAA7DDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] () Task: {40B72FB4-CFE2-4347-A69C-6AA6A1291F0F} - System32\Tasks\{CC841AF3-7C05-4252-BDD9-2A3892CD4929} => Firefox.exe Task: {474C30BF-0A7E-4DC2-9E6B-369B154E8229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) 
Task: {49897270-27FE-4B7E-A4F9-1B4F8AE27E3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {49E28B95-9408-4715-97DA-1AB7339805C6} - System32\Tasks\{EA4F2F72-7C23-4AB9-8184-245B49DE749F} => C:\Program Files\DEUTSCHLAND SPIELT\BeetleJu2 VollVersion\BeetleJu2_og.exe [2010-11-23] (INTENIUM GmbH) Task: {4C08C992-D45F-4D07-9702-9FF2FB1E7DA0} - System32\Tasks\{7D0AE273-2305-48F1-AF5C-46BFD622F47E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4E016ADD-5044-4D20-841E-C43FFE2861BD} - System32\Tasks\{F4A27F14-3152-470D-9565-039442275C50} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4EC8D6F7-19A4-43EB-A744-BF2A0A15F56E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {50748F55-16EA-4C55-8547-7EC1D0947037} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] () Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {5AC92F98-B42E-4F21-9AA0-01AD0439642E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {5B3F853B-FE70-4847-8631-186551D7012C} - System32\Tasks\{07CBC734-EBA5-454A-913B-EC737132222F} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {66D53617-940A-4E05-871F-28B9007E2CC3} - System32\Tasks\{9BFE3ECE-693E-45CE-A00E-7DC315188CEC} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {6B725544-E42B-4580-B4AE-E272703AF399} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {6C42F0C8-5E73-4DE6-A971-9CE99159C71D} - System32\Tasks\{71507EB2-BF35-48B0-8135-FCBC7D54BAEC} => C:\Program 
Files\Avira\AntiVir Desktop\avcenter.exe Task: {77D92D5C-1736-4593-BC70-36551C747A1A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {78201B2F-5E80-4168-B233-7212E7A89D0D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.) Task: {7DD6E2A0-C6F1-4EFD-92B0-4A0D547C24C5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {893B18BE-C091-4B27-9D76-82F0BCA99813} - System32\Tasks\{84074564-9C97-48A0-BBB3-89DAB27B7C9B} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9240E8E9-1D41-40BA-B4DE-32542C7145DB} - System32\Tasks\{97E672C4-E6D1-4ED6-99D8-B122A1F86FC0} => pcalua.exe -a D:\DVPP\Setup.exe -d D:\DVPP Task: {979D3F17-6619-45C5-B404-606838B44253} - System32\Tasks\{E4546B87-1D17-4B95-A0A5-37522F5D05EF} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9C2F05E8-F861-43CF-987B-095EF430F405} - System32\Tasks\{F3AEE607-769D-4C8B-824B-88BEB035F102} => pcalua.exe -a C:\Spiele\Lillifee\setup.exe -d D: Task: {B0993B05-978C-4A15-AA87-B18AB9A99EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {B37A6E42-727E-4E31-A77C-04022A464880} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {BFD53BF4-19B8-4502-92DD-7D926FFA8CA6} - System32\Tasks\{EC680A57-E7BC-4A66-8FBB-20A511FDFA89} => pcalua.exe -a D:\bin\EasyInst.exe -d D:\ Task: {C8250CB2-F11F-4A98-95BB-BA5E812E6A7E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {DAAAE172-7743-4C96-B232-DCC0F5FC7607} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) Task: {DBF5DE37-8E99-4B07-813D-41126EA90DB3} - System32\Tasks\{81430713-60CA-4B71-8FBB-D14DA0751514} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {F0E42A33-0E8E-4BB2-80F9-8418E2340E57} - System32\Tasks\{287D07D5-E1D7-4882-9C98-35680FC50E9A} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {F20691E7-0B1D-438A-ABD0-2D94FF823CEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {F526EC9D-6127-42C8-A3B4-E081029D3F7D} - System32\Tasks\{3DEE68DB-465B-46BB-87CD-D6BEE805EFD1} => C:\Program Files\Daedalic Entertainment\The Night of the Rabbit\rabbit.exe [2013-04-28] (Daedalic Entertainment GmbH) Task: {FB0BD155-6754-4ECC-9711-162FE2741D51} - System32\Tasks\Amazon Music Helper => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-12-08] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2006-11-02 11:40 - 2006-11-02 11:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe 2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll 2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll 2017-01-27 13:54 - 2017-01-20 07:47 - 01732896 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-27 13:55 - 2017-01-20 07:47 - 02097616 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2017-01-27 13:55 - 2017-01-20 07:47 - 01719760 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-01-17 15:57 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe 2010-06-09 18:10 - 2009-10-23 18:34 - 00827904 _____ () C:\Program 
Files\dvd43\DVD43_Tray.exe 2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe 2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll 2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll 2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll 2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll 2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll 2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll 2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll 2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll 2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll 2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll 2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll 2016-07-05 17:18 - 2016-07-05 17:18 - 00714992 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 2016-07-05 17:13 - 2016-07-05 17:13 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00653608 _____ () c:\program 
files\real\realplayer\RPDS\Lib\r1api.dll 2016-07-05 17:18 - 2016-07-05 17:18 - 00077552 _____ () C:\Program Files\RealNetworks\RealDownloader\dtvhooks.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00022312 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 01520936 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 04274984 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00322856 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll 2015-10-02 18:33 - 2012-10-25 15:19 - 00846848 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe 2015-10-02 18:33 - 2012-10-25 15:19 - 01401344 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll 2015-10-02 18:33 - 2012-12-04 15:22 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll 2015-10-02 18:33 - 2012-10-25 15:19 - 00293376 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\TEMP:24FECE50 [398] AlternateDataStreams: C:\ProgramData\TEMP:260575F1 [422] AlternateDataStreams: C:\ProgramData\TEMP:35501BA4 [368] AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6 [183] AlternateDataStreams: C:\ProgramData\TEMP:574F975B [184] AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675 [171] AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C [128] AlternateDataStreams: C:\ProgramData\TEMP:A4AF8D0D [169] AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100] AlternateDataStreams: C:\ProgramData\TEMP:B139DDF3 [173] AlternateDataStreams: C:\ProgramData\TEMP:B8791731 [170] AlternateDataStreams: C:\ProgramData\TEMP:BEE39E9B [190] AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112] AlternateDataStreams: C:\ProgramData\TEMP:E51234A9 [154] AlternateDataStreams: C:\ProgramData\TEMP:FAB64002 [164] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.exe: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.scr: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.bat: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.com: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.cmd: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.reg: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01282017122828520\Control Panel\Desktop\\Wallpaper -> C:\Users\Tabea\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1736235967-2657770174-236075978-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01282017122831952\Control Panel\Desktop\\Wallpaper -> C:\Users\Konni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.exe - Verknüpfung.lnk => C:\Windows\pss\AOButler.exe - Verknüpfung.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Kornelia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.lnk => C:\Windows\pss\AOButler.lnk.Startup MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{771781D7-42F2-4719-BCFC-468823CD634A}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F8F60273-BD4C-4058-B246-6F633BD6A891}] => LPort=1900 FirewallRules: [{20D276B1-3C90-4929-8A32-E4ACCBECC2C8}] => LPort=2869 FirewallRules: [{3355F104-DC9F-42F3-8E9D-3BF5DBF8FEB3}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0BEA84F4-2656-475A-AE06-59E81719D75F}] => svchost.exe FirewallRules: [{2BFBBFCF-8C85-480D-A055-0DB5677BDCDE}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{5B4D0C77-79AF-4923-BDC1-B51891E48444}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [UDP Query User{BC460BB0-BD68-48F3-BEB2-47578A7623D9}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{2339DF44-A7DD-4E22-A32A-32DCC95DC337}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{A59E1834-01D3-478B-90C5-6E1D4924AFDB}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{AEB0C184-B9E4-434C-B087-A14CA1DF867B}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{08572AF5-8353-4B61-B8C0-24C618870A9E}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{670FA4AF-6DA8-487A-91EE-B07143EB2170}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8BD40ABE-22B5-4230-B66B-47D3BD3D0390}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{55D99CB2-C725-42FC-847A-5909C961EAE8}] => C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{85FDB52D-7A01-43A8-9009-6A168010138A}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{8758F947-09B2-41DF-88EC-579BC9CA03E7}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{459568E9-83FC-4C8A-9663-91C2C9B6026F}] => C:\Program 
Files\Mozilla Firefox\firefox.exe FirewallRules: [{92605963-E425-410C-BB6E-8F4EDEA0C349}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D48E3507-9052-45D0-9E44-24AC955777AA}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4ED3AA0F-7E02-449A-BAA4-34B72C42BF3C}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{A8E2B43C-F558-48C1-A629-118843C42FE8}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [{84839E9D-9BF0-4CCD-A922-70507EA96606}] => c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{175EF583-D4BB-4455-BF80-3778A39EAEAC}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{189936DE-97ED-4FCF-AFD9-FA1ABFB6C531}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D0577CA9-F454-408A-ACDF-7F280302E7BD}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{95DF96B5-51A5-4BAD-8FE7-4BC3CF9AF3DF}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D81DFAC4-5EE4-4BF8-A94D-84503C9C6E7F}] => C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{88496792-6A83-4826-9392-C3A2DBF731BE}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{08F10482-4231-4238-9029-5220201C0B87}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{3199F9F6-FD40-4F4E-B578-F886A82D57DA}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe FirewallRules: [UDP Query User{AE639368-64F0-4A58-B6CA-0EE42A599710}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => 
C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe ==================== Wiederherstellungspunkte ========================= 24-01-2017 15:04:25 Windows Update 27-01-2017 15:11:14 Avira System Speedup Optimierung 27-01-2017 16:04:18 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: atksgt Description: atksgt Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: atksgt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: sptd Description: sptd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sptd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/28/2017 12:27:43 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/28/2017 12:27:43 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/27/2017 09:26:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x454 Startzeit der fehlerhaften Anwendung: 0x01d278d9252d8e4f Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: f0f65b0e-e4ce-11e6-bba0-001d607b2853 Error: (01/27/2017 09:08:25 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/27/2017 09:08:25 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/27/2017 04:39:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x14a4 Startzeit der fehlerhaften Anwendung: 0x01d278b24e22efa7 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: d9a6174c-e4a6-11e6-bba0-001d607b2853 Error: (01/27/2017 04:29:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 
0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x12a0 Startzeit der fehlerhaften Anwendung: 0x01d278b112aa6646 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: 75a2489e-e4a5-11e6-bba0-001d607b2853 Error: (01/27/2017 04:21:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x970 Startzeit der fehlerhaften Anwendung: 0x01d278ac80c5d4e3 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: 37ec139c-e4a4-11e6-bba0-001d607b2853 Error: (01/27/2017 03:39:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0xf28 Startzeit der fehlerhaften Anwendung: 0x01d278a2e66a420d Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: 5c048713-e49e-11e6-b3bf-001d607b2853 Error: (01/27/2017 03:11:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . 
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {7e7a3d57-a2e5-4fe8-bbfd-51f5f0b8abcf} Systemfehler: ============= Error: (01/28/2017 01:13:27 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:13:20 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:13:12 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:13:05 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:57 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:48 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:42 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:33 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:26 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/28/2017 01:12:19 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
==================== Memory info =========================== Processor: AMD Athlon(tm) X2 Dual Core Processor BE-2300 Prozentuale Nutzung des RAM: 53% Installierter physikalischer RAM: 1918.49 MB Verfügbarer physikalischer RAM: 896.95 MB Summe virtueller Speicher: 3836.98 MB Verfügbarer virtueller Speicher: 1987.94 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:242.77 GB) (Free:94.16 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive e: () (Fixed) (Total:207.36 GB) (Free:35.49 GB) NTFS Drive g: (Black) (Fixed) (Total:465.76 GB) (Free:413.34 GB) NTFS Drive i: (EXTERN 2 -Spiegel-) (Fixed) (Total:242.77 GB) (Free:143.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive m: (EXTERN 1 -DATEN-) (Fixed) (Total:1255.2 GB) (Free:437.65 GB) NTFS Drive n: (EXTERN 3) (Fixed) (Total:100 GB) (Free:99.87 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C76EBDA3) Partition 1: (Active) - (Size=242.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=15.6 GB) - (Type=27) Partition 3: (Not Active) - (Size=207.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C921633) Partition 1: (Not Active) - (Size=1255.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=507.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 256E7802) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
28.01.2017, 14:54 | #4 |
| Windows 7: OpenCandy.Gen detections in safe mode
Code:
ATTFilter 13:24:30.0613 0x1f3c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 13:24:45.0855 0x1f3c ============================================================ 13:24:45.0855 0x1f3c Current date / time: 2017/01/28 13:24:45.0855 13:24:45.0855 0x1f3c SystemInfo: 13:24:45.0855 0x1f3c 13:24:45.0855 0x1f3c OS Version: 6.1.7601 ServicePack: 1.0 13:24:45.0855 0x1f3c Product type: Workstation 13:24:45.0855 0x1f3c ComputerName: KORNELIA-PC 13:24:45.0855 0x1f3c UserName: Kornelia 13:24:45.0855 0x1f3c Windows directory: C:\Windows 13:24:45.0855 0x1f3c System windows directory: C:\Windows 13:24:45.0855 0x1f3c Processor architecture: Intel x86 13:24:45.0855 0x1f3c Number of processors: 2 13:24:45.0855 0x1f3c Page size: 0x1000 13:24:45.0855 0x1f3c Boot type: Normal boot 13:24:45.0855 0x1f3c CodeIntegrityOptions = 0x00000000 13:24:45.0855 0x1f3c ============================================================ 13:24:50.0301 0x1f3c KLMD registered as C:\Windows\system32\drivers\21416082.sys 13:24:50.0301 0x1f3c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x0 13:24:52.0079 0x1f3c System UUID: {36C9054F-E0BF-D255-A28C-08252F4122C0} 13:24:54.0247 0x1f3c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 13:24:54.0263 0x1f3c Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:24:54.0263 0x1f3c Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:24:54.0294 0x1f3c ============================================================ 13:24:54.0294 0x1f3c \Device\Harddisk0\DR0: 13:24:54.0294 0x1f3c MBR partitions: 13:24:54.0294 0x1f3c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 
0x1E58BC8D 13:24:54.0294 0x1f3c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E58BCCC, BlocksNum 0x19EB7D7D 13:24:54.0294 0x1f3c \Device\Harddisk1\DR1: 13:24:54.0294 0x1f3c MBR partitions: 13:24:54.0294 0x1f3c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9CE67800 13:24:54.0294 0x1f3c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9CE68000, BlocksNum 0xC7FF800 13:24:54.0294 0x1f3c \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xA9668000, BlocksNum 0x3F79F800 13:24:54.0294 0x1f3c \Device\Harddisk2\DR2: 13:24:54.0294 0x1f3c MBR partitions: 13:24:54.0294 0x1f3c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02 13:24:54.0294 0x1f3c ============================================================ 13:24:54.0372 0x1f3c C: <-> \Device\Harddisk0\DR0\Partition1 13:24:54.0419 0x1f3c E: <-> \Device\Harddisk0\DR0\Partition2 13:24:54.0715 0x1f3c G: <-> \Device\Harddisk2\DR2\Partition1 13:24:54.0731 0x1f3c M: <-> \Device\Harddisk1\DR1\Partition1 13:24:54.0793 0x1f3c I: <-> \Device\Harddisk1\DR1\Partition3 13:24:54.0809 0x1f3c N: <-> \Device\Harddisk1\DR1\Partition2 13:24:54.0825 0x1f3c ============================================================ 13:24:54.0825 0x1f3c Initialize success 13:24:54.0825 0x1f3c ============================================================ 13:26:44.0181 0x166c ============================================================ 13:26:44.0181 0x166c Scan started 13:26:44.0181 0x166c Mode: Manual; SigCheck; TDLFS; 13:26:44.0181 0x166c ============================================================ 13:26:44.0181 0x166c KSN ping started 13:26:56.0411 0x166c KSN ping finished: true 13:27:00.0701 0x166c ================ Scan system memory ======================== 13:27:00.0701 0x166c System memory - ok 13:27:00.0717 0x166c ================ Scan services =============================
] atapi C:\Windows\system32\drivers\atapi.sys 13:27:08.0969 0x166c atapi - ok 13:27:09.0344 0x166c [ 712D8A95E45B070114C5309ADA7358FF, 1F0285CFB9982637186531489743798511BA75B612B202231E9BC1CF5372C0BB ] atikmdag C:\Windows\system32\drivers\atikmdag.sys 13:27:09.0656 0x166c atikmdag - ok 13:27:09.0734 0x166c [ 4AA1EB65481C392955939E735D27118B, 167F91B0F48C13FA4B976EAB2DC0B29C31A2A98E276B2BF80323E051D54934CB ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 13:27:09.0827 0x166c AtiPcie - ok 13:27:09.0936 0x166c [ 3C4B9850A2631C2263507400D029057B, A3DFF043B92C2F8C533BA609FB9FB20CF132E9D516449877CC2EDD75F1D6BC5C ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 13:27:09.0999 0x166c atksgt - ok 13:27:10.0108 0x166c [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:27:10.0311 0x166c AudioEndpointBuilder - ok 13:27:10.0342 0x166c [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv C:\Windows\System32\Audiosrv.dll 13:27:10.0389 0x166c Audiosrv - ok 13:27:10.0482 0x166c [ AC848E99627AE02493D57A3117756610, 1609DE8F58C028DC40086C424CBCA78D1B3BD6D8204065C687259A12391A19A4 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 13:27:10.0545 0x166c avgntflt - ok 13:27:10.0670 0x166c [ ED91715AAE2BBBF539519CC75AC1872A, 0DA7D30E57DB19127546B612733870E0A8CE4E6B72228C56A86D7710B6F66479 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 13:27:10.0701 0x166c avipbb - ok 13:27:10.0872 0x166c [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe 13:27:10.0935 0x166c Avira.ServiceHost - ok 13:27:11.0153 0x166c [ C47395674E62626DDDC0E7C0E5D73F71, 4DBAC4E7E116D645F4BC030C3FA2A5076989425EE9AD4CE57D9093CDD46CA5C0 ] AviraPhantomVPN C:\Program Files\Avira\VPN\Avira.VpnService.exe 13:27:11.0216 0x166c AviraPhantomVPN 
- ok 13:27:11.0247 0x166c [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 13:27:11.0325 0x166c avkmgr - ok 13:27:11.0356 0x166c [ 9A7AE0B9D18749A79B3E523A97CA104A, 3678C5EB8A649D22E9B4E2A912C2A957D39312FB72675CB4C4E3790DBF7D0355 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 13:27:11.0403 0x166c avnetflt - ok 13:27:11.0450 0x166c [ 0CA918E542B7F627A0F114EF8703C8EC, EF90321CFC2ACCB171A174EDBB6C27E3F16B139E3D87D4043279BB7416614D4E ] avusbflt C:\Windows\system32\Drivers\avusbflt.sys 13:27:11.0496 0x166c avusbflt - ok 13:27:11.0590 0x166c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:27:11.0730 0x166c AxInstSV - ok 13:27:11.0808 0x166c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 13:27:11.0949 0x166c b06bdrv - ok 13:27:12.0027 0x166c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 13:27:12.0089 0x166c b57nd60x - ok 13:27:12.0152 0x166c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 13:27:12.0339 0x166c BDESVC - ok 13:27:12.0370 0x166c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 13:27:12.0432 0x166c Beep - ok 13:27:12.0557 0x166c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 13:27:12.0682 0x166c BFE - ok 13:27:12.0838 0x166c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 13:27:13.0056 0x166c 
BITS - ok 13:27:13.0088 0x166c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:27:13.0134 0x166c blbdrive - ok 13:27:13.0197 0x166c [ 28AF7D4427868B7CE4C00CAB1864C7F6, AAE5303878AF0F7AA18069A8FCD99639EBC34622B456AF86C5E4F27858196E06 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:27:13.0259 0x166c bowser - ok 13:27:13.0322 0x166c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:27:13.0400 0x166c BrFiltLo - ok 13:27:13.0431 0x166c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:27:13.0493 0x166c BrFiltUp - ok 13:27:13.0571 0x166c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 13:27:13.0634 0x166c Browser - ok 13:27:13.0696 0x166c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:27:13.0836 0x166c Brserid - ok 13:27:13.0868 0x166c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:27:13.0930 0x166c BrSerWdm - ok 13:27:13.0961 0x166c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:27:14.0039 0x166c BrUsbMdm - ok 13:27:14.0070 0x166c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:27:14.0133 0x166c BrUsbSer - ok 13:27:14.0164 0x166c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] 
BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 13:27:14.0211 0x166c BTHMODEM - ok 13:27:14.0304 0x166c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 13:27:14.0398 0x166c bthserv - ok 13:27:14.0429 0x166c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:27:14.0507 0x166c cdfs - ok 13:27:14.0570 0x166c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:27:14.0648 0x166c cdrom - ok 13:27:14.0726 0x166c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 13:27:14.0804 0x166c CertPropSvc - ok 13:27:15.0038 0x166c [ 213B6EC3DE19E35373A1906397588429, C72B74D4840946DC6952B9F6C4A568DA702DD2D6E211AA5BB7F82EF481F449C6 ] CGVPNCliSrvc C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe 13:27:15.0209 0x166c CGVPNCliSrvc - ok 13:27:15.0272 0x166c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 13:27:15.0365 0x166c circlass - ok 13:27:15.0428 0x166c [ 1136E4A71849BCFCB057140AD03AAEE6, 9A9615F33E475039382E452052040C21EFA9C6669FB4E95D466C014FCAEF4D74 ] CLFS C:\Windows\system32\CLFS.sys 13:27:15.0490 0x166c CLFS - ok 13:27:15.0630 0x166c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:27:15.0677 0x166c clr_optimization_v2.0.50727_32 - ok 13:27:15.0724 0x166c [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:27:15.0896 0x166c clr_optimization_v4.0.30319_32 - ok 13:27:15.0942 0x166c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:27:16.0005 0x166c CmBatt - ok 13:27:16.0036 0x166c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:27:16.0067 0x166c cmdide - ok 13:27:16.0130 0x166c [ 7F7D4B16389CEF932950F6B2604D2601, E7C32734DAA75A00866A0F961C945BF7CC7A29D3A9806041D0046BC9FD3ACC5A ] CNG C:\Windows\system32\Drivers\cng.sys 13:27:16.0192 0x166c CNG - ok 13:27:16.0223 0x166c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:27:16.0254 0x166c Compbatt - ok 13:27:16.0317 0x166c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 13:27:16.0395 0x166c CompositeBus - ok 13:27:16.0442 0x166c COMSysApp - ok 13:27:16.0457 0x166c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 13:27:16.0488 0x166c crcdisk - ok 13:27:16.0551 0x166c [ 348B3A4DD922F590EB39DB231F7AEE4D, 62341BBB263E8E72436FE008E2645692712C2143964D67CE38D58F47F5DEA8B1 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:27:16.0598 0x166c CryptSvc - ok 13:27:16.0722 0x166c [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:27:16.0832 0x166c DcomLaunch - ok 13:27:16.0878 0x166c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 13:27:16.0956 0x166c defragsvc - ok 
13:27:17.0003 0x166c [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:27:17.0097 0x166c DfsC - ok 13:27:17.0175 0x166c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 13:27:17.0284 0x166c Dhcp - ok 13:27:17.0424 0x166c [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack C:\Windows\system32\diagtrack.dll 13:27:17.0596 0x166c DiagTrack - ok 13:27:17.0643 0x166c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 13:27:17.0721 0x166c discache - ok 13:27:17.0799 0x166c [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk C:\Windows\system32\drivers\disk.sys 13:27:17.0846 0x166c Disk - ok 13:27:17.0892 0x166c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:27:18.0017 0x166c Dnscache - ok 13:27:18.0095 0x166c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 13:27:18.0189 0x166c dot3svc - ok 13:27:18.0314 0x166c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 13:27:18.0407 0x166c DPS - ok 13:27:18.0470 0x166c [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:27:18.0548 0x166c drmkaud - ok 13:27:18.0594 0x166c [ 1FC1EED3EA0C3A0ECF8A95B97E1B4831, 162CA60AFEEB45C45BA986D21660F23CF2432645993D4FAB8C8AE27CE40DA9AF ] dvd43llh C:\Windows\system32\DRIVERS\dvd43llh.sys 13:27:18.0626 0x166c dvd43llh - 
detected UnsignedFile.Multi.Generic ( 1 ) 13:27:19.0577 0x166c Detect skipped due to KSN trusted 13:27:19.0577 0x166c dvd43llh - ok 13:27:19.0733 0x166c [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:27:19.0858 0x166c DXGKrnl - ok 13:27:19.0920 0x166c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 13:27:20.0014 0x166c EapHost - ok 13:27:20.0326 0x166c [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv C:\Users\Kornelia\AppData\Local\Temp\ehdrv.sys 13:27:20.0732 0x166c eapihdrv - ok 13:27:21.0075 0x166c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 13:27:21.0324 0x166c ebdrv - ok 13:27:21.0371 0x166c [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] EFS C:\Windows\System32\lsass.exe 13:27:21.0465 0x166c EFS - ok 13:27:21.0605 0x166c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:27:21.0761 0x166c ehRecvr - ok 13:27:21.0808 0x166c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 13:27:21.0902 0x166c ehSched - ok 13:27:22.0058 0x166c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 13:27:22.0151 0x166c elxstor - ok 13:27:22.0182 0x166c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:27:22.0292 0x166c ErrDev - ok 13:27:22.0370 0x166c [ 47DF8A068BA5666A14848C242BF5002B, 
7D48FBDB497B07414397008FD5D4021AC8F39131E097EF12B94974409461F65C ] ESProtectionDriver C:\Windows\system32\drivers\mbae.sys 13:27:22.0417 0x166c ESProtectionDriver - ok 13:27:22.0526 0x166c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 13:27:22.0619 0x166c EventSystem - ok 13:27:22.0651 0x166c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 13:27:22.0729 0x166c exfat - ok 13:27:22.0760 0x166c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:27:22.0838 0x166c fastfat - ok 13:27:22.0931 0x166c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 13:27:23.0072 0x166c Fax - ok 13:27:23.0134 0x166c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:27:23.0212 0x166c fdc - ok 13:27:23.0243 0x166c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 13:27:23.0337 0x166c fdPHost - ok 13:27:23.0368 0x166c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 13:27:23.0431 0x166c FDResPub - ok 13:27:23.0462 0x166c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:27:23.0509 0x166c FileInfo - ok 13:27:23.0540 0x166c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:27:23.0618 0x166c Filetrace - ok 13:27:23.0649 0x166c 
[ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:27:23.0711 0x166c flpydisk - ok 13:27:23.0774 0x166c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:27:23.0867 0x166c FltMgr - ok 13:27:24.0008 0x166c [ DF15E8426D02C15422EBFF28BA83F03A, 51BEB315B0E5114906684FB3F460FA7BEA326C1B589C5C35D29795A7C13AB4FB ] FontCache C:\Windows\system32\FntCache.dll 13:27:24.0179 0x166c FontCache - ok 13:27:24.0304 0x166c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 13:27:24.0382 0x166c FontCache3.0.0.0 - ok 13:27:24.0413 0x166c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:27:24.0445 0x166c FsDepends - ok 13:27:24.0507 0x166c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:27:24.0554 0x166c Fs_Rec - ok 13:27:24.0694 0x166c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:27:24.0772 0x166c fvevol - ok 13:27:24.0819 0x166c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 13:27:24.0850 0x166c gagp30kx - ok 13:27:24.0897 0x166c [ 5DC17164F66380CBFEFD895C18467773, E1174E0F95E9F343528162EFF5D4BA60C68477353FC6BDA61C19134687F50906 ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys 13:27:24.0959 0x166c GearAspiWDM - ok 13:27:24.0991 0x166c [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C, 
ACD6BBB639CAF092809927F84F5693B7BA11080684A4993029D713ACF67D4C79 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 13:27:25.0037 0x166c ggflt - ok 13:27:25.0115 0x166c [ 17E678AAB82CCDFB80E7614504933895, 43935C8C5C30DA415957B789DC9FA10721C240C603DC8733D9B791A2F58BE1BD ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 13:27:25.0178 0x166c ggsemc - ok 13:27:25.0349 0x166c [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc C:\Windows\System32\gpsvc.dll 13:27:25.0537 0x166c gpsvc - ok 13:27:25.0802 0x166c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate1cacc58a1955820 C:\Program Files\Google\Update\GoogleUpdate.exe 13:27:25.0864 0x166c gupdate1cacc58a1955820 - ok 13:27:25.0864 0x166c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 13:27:25.0911 0x166c gupdatem - ok 13:27:26.0036 0x166c [ 8C518456A971B2C89D184DF8AD0018C9, 3142AD3BD6C9FC3D2A9465A688A6BD19E1B74F7BC1B9C5D8560C0974154C509F ] HCW713x C:\Windows\system32\DRIVERS\HCW713x.sys 13:27:26.0161 0x166c HCW713x - ok 13:27:26.0192 0x166c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:27:26.0301 0x166c hcw85cir - ok 13:27:26.0363 0x166c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:27:26.0441 0x166c HdAudAddService - ok 13:27:26.0535 0x166c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 13:27:26.0613 0x166c HDAudBus - ok 13:27:26.0660 0x166c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt 
C:\Windows\system32\DRIVERS\HidBatt.sys 13:27:26.0738 0x166c HidBatt - ok 13:27:26.0769 0x166c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:27:26.0831 0x166c HidBth - ok 13:27:26.0863 0x166c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:27:26.0925 0x166c HidIr - ok 13:27:26.0972 0x166c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 13:27:27.0034 0x166c hidserv - ok 13:27:27.0128 0x166c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 13:27:27.0284 0x166c HidUsb - ok 13:27:27.0331 0x166c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 13:27:27.0471 0x166c hkmsvc - ok 13:27:27.0533 0x166c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:27:27.0689 0x166c HomeGroupListener - ok 13:27:27.0767 0x166c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:27:27.0861 0x166c HomeGroupProvider - ok 13:27:27.0908 0x166c [ C9E1A4DB0BC9BC82AD7C2F5310EEB90C, 4D8EA4923F40BDD9C93823FBAFFA3A56CB4E212D9A00073E16203E584F61B6D6 ] hotcore3 C:\Windows\system32\drivers\hotcore3.sys 13:27:27.0955 0x166c hotcore3 - ok 13:27:28.0017 0x166c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:27:28.0064 0x166c HpSAMD - ok 13:27:28.0267 0x166c [ 487569E5DA56A5A432FF8AF6D3599CF9, 
7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:27:28.0438 0x166c HTTP - ok 13:27:28.0469 0x166c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:27:28.0532 0x166c hwpolicy - ok 13:27:28.0657 0x166c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:27:28.0797 0x166c i8042prt - ok 13:27:28.0859 0x166c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:27:28.0922 0x166c iaStorV - ok 13:27:29.0031 0x166c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 13:27:29.0109 0x166c idsvc - ok 13:27:29.0171 0x166c IEEtwCollectorService - ok 13:27:29.0234 0x166c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:27:29.0296 0x166c iirsp - ok 13:27:29.0515 0x166c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 13:27:29.0608 0x166c IKEEXT - ok 13:27:29.0967 0x166c [ 34B8B4A442046E3D5FDD0B17926CF3F1, 28FCE9A09D8016D56EBC04192FD01FD9CD212E5AB7D91BB74823C5B777325578 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 13:27:30.0092 0x166c IntcAzAudAddService - ok 13:27:30.0154 0x166c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 13:27:30.0201 0x166c intelide - ok 13:27:30.0232 0x166c [ 3B514D27BFC4ACCB4037BC6685F766E0, 
F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:27:30.0295 0x166c intelppm - ok 13:27:30.0341 0x166c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:27:30.0451 0x166c IPBusEnum - ok 13:27:30.0482 0x166c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:27:30.0575 0x166c IpFilterDriver - ok 13:27:30.0700 0x166c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:27:30.0841 0x166c iphlpsvc - ok 13:27:30.0887 0x166c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:27:30.0934 0x166c IPMIDRV - ok 13:27:30.0965 0x166c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:27:31.0075 0x166c IPNAT - ok 13:27:31.0106 0x166c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:27:31.0215 0x166c IRENUM - ok 13:27:31.0246 0x166c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:27:31.0293 0x166c isapnp - ok 13:27:31.0324 0x166c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:27:31.0371 0x166c iScsiPrt - ok 13:27:31.0402 0x166c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:27:31.0449 0x166c 
kbdclass - ok 13:27:31.0511 0x166c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:27:31.0574 0x166c kbdhid - ok 13:27:31.0605 0x166c [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] KeyIso C:\Windows\system32\lsass.exe 13:27:31.0667 0x166c KeyIso - ok 13:27:31.0714 0x166c [ EF7A3616C7902A232FEDAAB886AA07C2, B739EA5840E09E32AEF23A414F1E74B33785189BC0F43E156F6321CC0FA5BC35 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:27:31.0761 0x166c KSecDD - ok 13:27:31.0792 0x166c [ 78EF4037997534DD08545416EF4438E2, ABB739F1BA59A1D88F94C0F6569E92DBCFA73109A4AD7678C2CAB14AEEDEDDCD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:27:31.0839 0x166c KSecPkg - ok 13:27:31.0901 0x166c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 13:27:32.0042 0x166c KtmRm - ok 13:27:32.0104 0x166c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:27:32.0182 0x166c LanmanServer - ok 13:27:32.0260 0x166c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:27:32.0338 0x166c LanmanWorkstation - ok 13:27:32.0494 0x166c [ FAAB52B7766409D702B99FE5553DC34F, 6856F3ACAD0A232C66DFB56237E05D7B8D51BE8B62C083C99607B33179BE5F8B ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 13:27:32.0525 0x166c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 13:27:33.0430 0x166c Detect skipped due to KSN trusted 13:27:33.0430 0x166c LightScribeService - ok 13:27:33.0477 0x166c [ 4127E8B6DDB4090E815C1F8852C277D3, A5BC1F65FA6D8952CDDA08320ADDF0E4394E10AE4780017C8C86AC5E68DF83F8 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 
F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:28:20.0807 0x166c stexstor - ok 13:28:21.0041 0x166c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 13:28:21.0151 0x166c StiSvc - ok 13:28:21.0182 0x166c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 13:28:21.0229 0x166c swenum - ok 13:28:21.0353 0x166c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 13:28:21.0478 0x166c swprv - ok 13:28:21.0853 0x166c [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 13:28:22.0055 0x166c SysMain - ok 13:28:22.0149 0x166c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 13:28:22.0258 0x166c TabletInputService - ok 13:28:22.0321 0x166c [ 8CF6E2AE1707D82E904ECCA68CEF8B87, 623765F0E5521B9EDDDEF3A3683C2E4A1FB6D96E80CC7CD22426066FE0D4843A ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 13:28:22.0461 0x166c tap0901 - ok 13:28:22.0601 0x166c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 13:28:22.0742 0x166c TapiSrv - ok 13:28:23.0210 0x166c [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:28:23.0335 0x166c Tcpip - ok 13:28:23.0444 0x166c [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:28:23.0537 0x166c TCPIP6 - ok 13:28:23.0662 0x166c [ 
A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:28:23.0818 0x166c tcpipreg - ok 13:28:23.0896 0x166c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:28:24.0021 0x166c TDPIPE - ok 13:28:24.0068 0x166c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:28:24.0146 0x166c TDTCP - ok 13:28:24.0193 0x166c [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:28:24.0286 0x166c tdx - ok 13:28:24.0333 0x166c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:28:24.0380 0x166c TermDD - ok 13:28:24.0489 0x166c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 13:28:24.0723 0x166c TermService - ok 13:28:24.0801 0x166c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 13:28:24.0941 0x166c Themes - ok 13:28:25.0004 0x166c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 13:28:25.0082 0x166c THREADORDER - ok 13:28:25.0207 0x166c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 13:28:25.0285 0x166c TrkWks - ok 13:28:25.0503 0x166c [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt C:\Windows\system32\drivers\truecrypt.sys 13:28:25.0581 0x166c truecrypt 
- ok 13:28:25.0784 0x166c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:28:25.0893 0x166c TrustedInstaller - ok 13:28:25.0924 0x166c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:28:26.0002 0x166c tssecsrv - ok 13:28:26.0174 0x166c [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:28:26.0299 0x166c TsUsbFlt - ok 13:28:26.0470 0x166c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:28:26.0548 0x166c tunnel - ok 13:28:26.0626 0x166c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:28:26.0704 0x166c uagp35 - ok 13:28:26.0767 0x166c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:28:26.0845 0x166c udfs - ok 13:28:26.0969 0x166c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:28:27.0063 0x166c UI0Detect - ok 13:28:27.0141 0x166c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:28:27.0188 0x166c uliagpkx - ok 13:28:27.0266 0x166c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys 13:28:27.0328 0x166c umbus - ok 13:28:27.0344 0x166c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass 
C:\Windows\system32\DRIVERS\umpass.sys 13:28:27.0422 0x166c UmPass - ok 13:28:27.0531 0x166c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 13:28:27.0640 0x166c upnphost - ok 13:28:27.0718 0x166c [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:28:27.0827 0x166c usbaudio - ok 13:28:27.0874 0x166c [ 325A69967CC7B4BFB170F5636143A94A, E0341360827B9B3E244F24D0BC01D3B3C0CC97E232A361960849F799A16AD540 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 13:28:27.0999 0x166c usbccgp - ok 13:28:28.0139 0x166c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:28:28.0233 0x166c usbcir - ok 13:28:28.0280 0x166c [ 5D57798CAE5A0DD0B8F61C52B8E7C3D1, 5097997508E1406AD5B018C5006D82F8BFC7B157C6CAF1B4D80C7D6DB722A77A ] usbehci C:\Windows\system32\drivers\usbehci.sys 13:28:28.0467 0x166c usbehci - ok 13:28:28.0639 0x166c [ 3835ECC1E928042F92D7AA1963D40523, 60237CB8C3F935544006621255FFD53C9E09C0AF4741D0C50968CB4D647336D5 ] usbhub C:\Windows\system32\drivers\usbhub.sys 13:28:28.0717 0x166c usbhub - ok 13:28:28.0795 0x166c [ 81E1E90305A4C7A13BADC5DFA22ABA37, 9EF3F5CD2FCF22A5BCC668778C8340D8C80719E9B43FB6C4484BFC98280B8BD9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:28:28.0888 0x166c usbohci - ok 13:28:28.0951 0x166c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:28:29.0060 0x166c usbprint - ok 13:28:29.0138 0x166c [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:28:29.0263 0x166c USBSTOR - ok 13:28:29.0294 0x166c [ B4A1789BE90403D9549EF9DBAD37A429, 
1F590F8DE0081953B944A076FFEB5FF3BCF7E2BEE4ABD97236A29C00B9242163 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:28:29.0372 0x166c usbuhci - ok 13:28:29.0434 0x166c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 13:28:29.0512 0x166c UxSms - ok 13:28:29.0559 0x166c [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] VaultSvc C:\Windows\system32\lsass.exe 13:28:29.0637 0x166c VaultSvc - ok 13:28:29.0715 0x166c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:28:29.0746 0x166c vdrvroot - ok 13:28:29.0902 0x166c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 13:28:30.0027 0x166c vds - ok 13:28:30.0136 0x166c [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:28:30.0230 0x166c vga - ok 13:28:30.0277 0x166c [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 13:28:30.0355 0x166c VgaSave - ok 13:28:30.0417 0x166c [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:28:30.0464 0x166c vhdmp - ok 13:28:30.0589 0x166c [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 13:28:30.0682 0x166c viaagp - ok 13:28:30.0745 0x166c [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 13:28:30.0807 0x166c ViaC7 - ok 13:28:30.0854 0x166c [ E43574F6A56A0EE11809B48C09E4FD3C, 
3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 13:28:30.0916 0x166c viaide - ok 13:28:30.0947 0x166c [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:28:30.0994 0x166c volmgr - ok 13:28:31.0057 0x166c [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:28:31.0135 0x166c volmgrx - ok 13:28:31.0213 0x166c [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:28:31.0275 0x166c volsnap - ok 13:28:31.0322 0x166c [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:28:31.0384 0x166c vsmraid - ok 13:28:31.0618 0x166c [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 13:28:31.0759 0x166c VSS - ok 13:28:31.0790 0x166c [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:28:31.0868 0x166c vwifibus - ok 13:28:31.0930 0x166c [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:28:32.0008 0x166c vwififlt - ok 13:28:32.0149 0x166c [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 13:28:32.0227 0x166c W32Time - ok 13:28:32.0289 0x166c [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 13:28:32.0383 0x166c WacomPen - ok 13:28:32.0461 
0x166c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:28:32.0523 0x166c WANARP - ok 13:28:32.0539 0x166c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:28:32.0617 0x166c Wanarpv6 - ok 13:28:32.0913 0x166c [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 13:28:33.0163 0x166c wbengine - ok 13:28:33.0287 0x166c [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:28:33.0365 0x166c WbioSrvc - ok 13:28:33.0459 0x166c [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:28:33.0553 0x166c wcncsvc - ok 13:28:33.0568 0x166c [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:28:33.0771 0x166c WcsPlugInService - ok 13:28:33.0833 0x166c [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys 13:28:33.0880 0x166c Wd - ok 13:28:34.0067 0x166c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:28:34.0161 0x166c Wdf01000 - ok 13:28:34.0223 0x166c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:28:34.0333 0x166c WdiServiceHost - ok 13:28:34.0348 0x166c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll 
13:28:34.0411 0x166c WdiSystemHost - ok 13:28:34.0504 0x166c [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient C:\Windows\System32\webclnt.dll 13:28:34.0629 0x166c WebClient - ok 13:28:34.0754 0x166c [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:28:34.0832 0x166c Wecsvc - ok 13:28:34.0863 0x166c [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:28:34.0957 0x166c wercplsupport - ok 13:28:35.0019 0x166c [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 13:28:35.0159 0x166c WerSvc - ok 13:28:35.0237 0x166c [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:28:35.0315 0x166c WfpLwf - ok 13:28:35.0347 0x166c [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:28:35.0378 0x166c WIMMount - ok 13:28:35.0487 0x166c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 13:28:35.0643 0x166c WinDefend - ok 13:28:35.0690 0x166c WinHttpAutoProxySvc - ok 13:28:35.0799 0x166c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:28:35.0893 0x166c Winmgmt - ok 13:28:36.0033 0x166c [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM C:\Windows\system32\WsmSvc.dll 13:28:36.0142 0x166c WinRM - ok 13:28:36.0283 0x166c [ A67E5F9A400F3BD1BE3D80613B45F708, 
E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:28:36.0345 0x166c WinUsb - ok 13:28:36.0454 0x166c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 13:28:36.0595 0x166c Wlansvc - ok 13:28:36.0969 0x166c [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:28:37.0078 0x166c wlidsvc - ok 13:28:37.0125 0x166c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 13:28:37.0203 0x166c WmiAcpi - ok 13:28:37.0297 0x166c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:28:37.0406 0x166c wmiApSrv - ok 13:28:37.0593 0x166c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 13:28:37.0749 0x166c WMPNetworkSvc - ok 13:28:37.0796 0x166c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:28:37.0952 0x166c WPCSvc - ok 13:28:38.0014 0x166c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:28:38.0077 0x166c WPDBusEnum - ok 13:28:38.0108 0x166c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:28:38.0217 0x166c ws2ifsl - ok 13:28:38.0233 0x166c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 
13:28:38.0342 0x166c wscsvc - ok 13:28:38.0357 0x166c WSearch - ok 13:28:38.0685 0x166c [ FAC7617DD8A8CCCBBB9D36C39AFA5ABE, 64BB658523F4610B6D092BD390D24307F0A545ABA5C78B5DB50B7AA9E65C6A51 ] wuauserv C:\Windows\system32\wuaueng.dll 13:28:38.0872 0x166c wuauserv - ok 13:28:38.0935 0x166c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:28:39.0013 0x166c WudfPf - ok 13:28:39.0059 0x166c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:28:39.0106 0x166c WUDFRd - ok 13:28:39.0200 0x166c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:28:39.0247 0x166c wudfsvc - ok 13:28:39.0340 0x166c [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll 13:28:39.0465 0x166c WwanSvc - ok 13:28:39.0496 0x166c ================ Scan global =============================== 13:28:39.0527 0x166c [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 13:28:39.0621 0x166c [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 13:28:39.0668 0x166c [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll 13:28:39.0715 0x166c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 13:28:39.0761 0x166c [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 13:28:39.0793 0x166c [ Global ] - ok 13:28:39.0793 0x166c 
================ Scan MBR ================================== 13:28:39.0824 0x166c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:28:42.0881 0x166c \Device\Harddisk0\DR0 - ok 13:28:42.0881 0x166c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:28:43.0053 0x166c \Device\Harddisk1\DR1 - ok 13:28:43.0053 0x166c [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk2\DR2 13:28:43.0459 0x166c \Device\Harddisk2\DR2 - ok 13:28:43.0459 0x166c ================ Scan VBR ================================== 13:28:43.0505 0x166c [ 8F40C1BE89B1EA50B22AE21A5F3278D6 ] \Device\Harddisk0\DR0\Partition1 13:28:43.0599 0x166c \Device\Harddisk0\DR0\Partition1 - ok 13:28:43.0615 0x166c [ 51CABA2CFF31E47E7D6A3BDEC6549B4A ] \Device\Harddisk0\DR0\Partition2 13:28:43.0646 0x166c \Device\Harddisk0\DR0\Partition2 - ok 13:28:43.0646 0x166c [ 64704A06AD3121272366C7B5E053E631 ] \Device\Harddisk1\DR1\Partition1 13:28:43.0661 0x166c \Device\Harddisk1\DR1\Partition1 - ok 13:28:43.0661 0x166c [ 62D218D5E89303053A0BC518A5981980 ] \Device\Harddisk1\DR1\Partition2 13:28:43.0661 0x166c \Device\Harddisk1\DR1\Partition2 - ok 13:28:43.0677 0x166c [ 8F40C1BE89B1EA50B22AE21A5F3278D6 ] \Device\Harddisk1\DR1\Partition3 13:28:43.0677 0x166c \Device\Harddisk1\DR1\Partition3 - ok 13:28:43.0693 0x166c [ D61CA06D0E6EBBDCD074A034301B187A ] \Device\Harddisk2\DR2\Partition1 13:28:43.0708 0x166c \Device\Harddisk2\DR2\Partition1 - ok 13:28:43.0708 0x166c ================ Scan generic autorun ====================== 13:28:44.0395 0x166c [ A360F8AA95A086CB7F9D361B5485858F, 8340AD4042F1E5780C304A0DF12F22EB56BACC687D48387B9A1B05E4324D2A28 ] C:\Windows\RtHDVCpl.exe 13:28:44.0722 0x166c RtHDVCpl - ok 13:28:44.0987 0x166c [ BF0C53DDCF44B80EBDFB51D6BAA51216, A879160766F031BAE6A8C059F9B9EF5C2D9773AD0CEADE73A2835DFD0736DAE4 ] C:\Program Files\dvd43\dvd43_tray.exe 13:28:45.0065 0x166c dvd43 - detected UnsignedFile.Multi.Generic ( 1 ) 13:28:45.0923 0x166c Detect skipped due to KSN trusted 13:28:45.0923 
0x166c dvd43 - ok 13:28:46.0251 0x166c [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe 13:28:46.0345 0x166c DivXUpdate - ok 13:28:46.0563 0x166c [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 13:28:46.0610 0x166c GrooveMonitor - ok 13:28:46.0766 0x166c [ 0B692C328AF648AD478A967C21DD7936, C06839FC4B748A364A710BCE1DEEB9FEE2F88979A4BEFC40B4EBBB7E0F34CC95 ] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 13:28:46.0813 0x166c AgentMonitor - ok 13:28:46.0922 0x166c [ 7E99BC36A738265A20C218653A1ADFBC, EFDB13FDCFC3D7639F67E5772294492C2125A10C492BDF422D1B153294DB872E ] C:\Program Files\Real\RealPlayer\update\realsched.exe 13:28:46.0969 0x166c TkBellExe - ok 13:28:47.0171 0x166c [ 0CECC28CFDE7D0F323344569AF2A83AC, F7120A68F25A1542CAEF929CF916CECEFA1AFD59301FEAB31244D39742DE8AC5 ] C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 13:28:47.0234 0x166c RealDownloader - ok 13:28:47.0312 0x166c [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe 13:28:47.0359 0x166c Avira SystrayStartTrigger - ok 13:28:47.0561 0x166c [ 1BC31F797516DC7B7446B62A849D5905, 49B35A41F1C3739800CBA2A559C2AEFE89FBC090F8305681AF3B379B639E16AA ] C:\Program Files\Avira\Antivirus\avgnt.exe 13:28:47.0655 0x166c avgnt - ok 13:28:47.0671 0x166c [ 18488F4890575E0AF614D722DC0B142D, A4224056DEFC1EFC282673503810688BAD776BE1F597F3E50341DA4375384ADD ] C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe 13:28:47.0717 0x166c Avira System Speedup User Starter - ok 13:28:47.0795 0x166c [ 2691DFA391404BE88DCCE34A601B7BF4, 5FA1DC2002726873283121A738E47A1F24EAAD09D2991BB1ED13D42ACF488190 ] C:\Program Files\Avira\System 
Speedup\Avira.SystemSpeedup.UI.Systray.exe 13:28:47.0842 0x166c Avira System Speedup Tray - ok 13:28:48.0497 0x166c [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe 13:28:48.0638 0x166c Malwarebytes TrayApp - ok 13:28:48.0809 0x166c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 13:28:48.0997 0x166c Sidebar - ok 13:28:49.0059 0x166c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 13:28:49.0137 0x166c mctadmin - ok 13:28:49.0199 0x166c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 13:28:49.0293 0x166c Sidebar - ok 13:28:49.0309 0x166c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 13:28:49.0355 0x166c mctadmin - ok 13:28:49.0480 0x166c [ A7DC47DBBE3C0384BA719DC4188AFA7E, FCC8F68A8E55AE2AB9B877A6E46DFC28411B68D09AEACA4792625B5150EFDCFD ] C:\Windows\ehome\ehTray.exe 13:28:49.0543 0x166c ehTray.exe - ok 13:28:49.0652 0x166c [ 95F98E2B7FC538271040743C0C0943BC, 2BB07BE21BFEEA0A6208082DEDA11DF7F9FECFE48081DFB9F9AF387CE8FDEDF6 ] C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe 13:28:49.0714 0x166c Alamandi tray notifier - ok 13:28:49.0964 0x166c [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe 13:28:50.0026 0x166c Facebook Update - ok 13:28:50.0759 0x166c [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe 13:28:51.0056 0x166c Amazon Music 
- ok 13:28:51.0212 0x166c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 13:28:51.0321 0x166c Sidebar - ok 13:28:51.0337 0x166c Waiting for KSN requests completion. In queue: 20 13:28:52.0522 0x166c AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\Antivirus\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated ) 13:28:52.0569 0x166c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.138 ), 0x61000 ( enabled : updated ) 13:28:52.0631 0x166c Win FW state via NFP2: enabled ( trusted ) 13:28:53.0489 0x166c ============================================================ 13:28:53.0489 0x166c Scan finished 13:28:53.0489 0x166c ============================================================ 13:28:53.0505 0x1484 Detected object count: 0 13:28:53.0505 0x1484 Actual detected object count: 0 Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 28.01.17
Scan-Zeit: 14:16
Protokolldatei: MWB.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1121
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Kornelia-PC\Kornelia

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 369342
Abgelaufene Zeit: 18 Min., 51 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end) |
28.01.2017, 15:46 | #5 |
/// TB-Ausbilder | Servus, I did not say that you should run MBAM or AdwCleaner now. I only meant that you should post the log files with the detections (as described in your opening post). Empty MBAM log files without detections do not help me here; I want to see the log files in which MBAM and AdwCleaner found something. |
28.01.2017, 17:26 | #6 |
| All right Code:
# AdwCleaner v6.042 - Bericht erstellt am 27/01/2017 um 15:41:46
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-27.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X86)
# Benutzername : Kornelia - KORNELIA-PC
# Gestartet von : C:\Users\Kornelia\Desktop\Neuer Ordner (2)\adwcleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Kornelia\AppData\Local\apn
[-] Ordner gelöscht: C:\Users\Kornelia\AppData\LocalLow\AlterGeo
[-] Ordner gelöscht: C:\Users\Kornelia\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner gelöscht: C:\Users\Kornelia\AppData\Roaming\Gutscheinmieze
[-] Ordner gelöscht: C:\Users\Tabea\AppData\LocalLow\softonic-de3
[-] Ordner gelöscht: C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Smartbar
[-] Ordner gelöscht: C:\ProgramData\apn
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\apn
[-] Ordner gelöscht: C:\Program Files\Common Files\DVDVideoSoft\TB
[-] Ordner gelöscht: C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_leocdeigfnkaojcapikdjcdbedcjmffc_0

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Windows\system32\conduitEngine.tmp
[-] Datei gelöscht: C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\invalidprefs.js

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\driverscanner
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\APN
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Ask.com
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\APN PIP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01272017143513006\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\APN
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Ask.com
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AskToolbar
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\ApnUpdater
[-] Wert gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Schlüssel gelöscht: HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "CT2431245.components.1000080" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.1000082" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.1000234" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402578469381" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402593156547" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402593312798" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402595187825" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402595656583" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402596594108" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.components.129009402596594109" - false
[-] Firefox Einstellungen bereinigt: "CT2431245.myStuffEnabled" - true
[-] Firefox Einstellungen bereinigt: "CT2431245.myStuffPublihserMinWidth" - 400
[-] Firefox Einstellungen bereinigt: "CT2431245.myStuffServiceIntervalMM" - 1440
[-] Firefox Einstellungen bereinigt: "CT2851647.ENABALE_HISTORY" - "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE" - "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.addressBarTakeOverEnabledInHidden" - "true"
[-] Firefox Einstellungen bereinigt: "CT2851647.autoDisableScopes" - -1
[-] Firefox Einstellungen bereinigt: "CT2851647.cbcountry_001" - "DE"
[-] Firefox Einstellungen bereinigt: "CT2851647.enableAlerts" - "always"
[-] Firefox Einstellungen bereinigt: "CT2851647.fixPageNotFoundError" - "true"
[-] Firefox Einstellungen bereinigt: "CT2851647.fixPageNotFoundErrorInHidden" - "true"
[-] Firefox Einstellungen bereinigt: "CT2851647.fixUrls" - true
[-] Firefox Einstellungen bereinigt: "CT2851647.isNewTabEnabled" - true
[-] Firefox Einstellungen bereinigt: "CT2851647.isPerformedSmartBarTransition" - "true"
[-] Firefox Einstellungen bereinigt: "CT2851647.isWelcomPage" - "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.search.searchCount" - "0"
[-] Firefox Einstellungen bereinigt: "CT2851647.searchInNewTabEnabledInHidden" - "true"
[-] Firefox Einstellungen bereinigt: "CT2851647.selectToSearchBoxEnabled" - "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_service_login_isFirstLoginInvoked" - "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_service_login_loginCount" - "{\"dataType\":\"number\",\"data\":\"2\"}"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_appTrackingFirstTime_lastUpdate" - "1345371452243"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_appsMetadata_lastUpdate" - "1345371440333"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_gottenAppsContextMenu_lastUpdate" - "1345371439025"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_login_10.10.20.14_lastUpdate" - "1345371446625"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_otherAppsContextMenu_lastUpdate" - "1345371440650"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_searchAPI_lastUpdate" - "1345371433847"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_serviceMap_lastUpdate" - "1345371432394"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_toolbarContextMenu_lastUpdate" - "1345371445567"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_toolbarSettings_lastUpdate" - "1345371434940"
[-] Firefox Einstellungen bereinigt: "CT2851647.serviceLayer_services_translation_lastUpdate" - "1345371443603"
[-] Firefox Einstellungen bereinigt: "CT2851647.settingsINI" - true
[-] Firefox Einstellungen bereinigt: "extensions.toolbar@ask.com.install-event-fired" - true
[-] [C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: ask.com
[-] [C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: conduit.search
[-] [C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: aaaaadgepjkdffhjbkfjgnnffnfcffbg

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [11994 Bytes] - [27/01/2017 15:41:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [14900 Bytes] - [27/01/2017 15:37:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12142 Bytes] ##########
|
29.01.2017, 10:46 | #7 |
/// TB-Ausbilder | Hi, then please pack the log file into a .zip archive and upload it as an attachment. |
29.01.2017, 14:51 | #8 |
| Hello Matthias, I suddenly have the problem that I can log in normally, but afterwards a notice appears saying that my profile is only temporary. The resolution has changed, Outlook wants to be set up... What is suddenly going on? Best regards. I located the file via Explorer (it does exist) and connected my tablet in order to post. I hope that wasn't wrong. |
30.01.2017, 16:47 | #9 | |
/// TB-Ausbilder | Hi, Quote:
|
30.01.2017, 18:26 | #10 |
| Hello Matthias, that has been done. Today my normal profile started again ... Apart from Firefox and Windows Explorer I have not started anything else. Here are the logs. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017
durchgeführt von Kornelia (Administrator) auf KORNELIA-PC (30-01-2017 17:53:15)
Gestartet von C:\Users\Kornelia\Desktop\Neuer Ordner (2)
Geladene Profile: Kornelia (Verfügbare Profile: Kornelia & Tabea)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
() C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\dvd43\DVD43_Tray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Intenium) C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe
(Facebook Inc.) C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google) C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
() C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-01] (Realtek Semiconductor)
HKLM\...\Run: [dvd43] => C:\Program Files\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [286992 2015-11-28] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [917576 2016-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup Tray] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Alamandi tray notifier] => C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe [394992 2012-07-10] (Intenium)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Facebook Update] => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-11] (Facebook Inc.)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Amazon Music] => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {dd31715e-6298-11df-b571-001d607b2853} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {fdc8adba-0935-11e2-a19e-001d607b2853} - G:\DPFMate.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2013-01-10]
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-11-28]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-10-02]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Konni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-03-04]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Tabea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
GroupPolicy: Beschränkung ? <======= ACHTUNG
GroupPolicy\User: Beschränkung ? <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-1736235967-2657770174-236075978-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{23F9AFAB-2021-4A7D-9477-EBCFE8F59F7E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9AD09A44-51EC-4D6E-9E93-74F49F171E7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
URLSearchHook: HKU\S-1-5-21-1736235967-2657770174-236075978-1001 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-11-04] (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-15] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-15] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default [2017-01-28]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\20811wxw.default ->
FF Homepage: Mozilla\Firefox\Profiles\20811wxw.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\20811wxw.default -> ist aktiviert.
FF NetworkProxy: Mozilla\Firefox\Profiles\20811wxw.default -> type", 1
FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com [2017-01-26]
FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com.xpi [2017-01-08]
FF Extension: (FacebookBlocker) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\facebookBlocker@webgraph.com [2014-02-16] [ist nicht signiert]
FF Extension: (NO Google Analytics) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2016-06-09]
FF Extension: (Official My JDownloader AddOn) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2017-01-07]
FF Extension: (Test Pilot) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\testpilot@labs.mozilla.com.xpi [2016-09-01]
FF Extension: (NoScript) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-01-20]
FF Extension: (Adblock Plus) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-16]
FF Extension: (Torbutton) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2012-10-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-07-05] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-27] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-15] (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-11-28] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1736235967-2657770174-236075978-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-27] (RealPlayer Cloud)

Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\pdf.dll => Keine Datei
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default [2017-01-27]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-16]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-16]
CHR Extension: (RealDownloader) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-16]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-07]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-15]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1089592 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1490296 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 gupdate1cacc58a1955820; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-02] (Google Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-06] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1095976 2015-11-28] (RealNetworks, Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R2 SpeedupService; C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co.
KG) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2010-03-10] (Protect Software GmbH) [Datei ist nicht signiert] R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2010-12-28] (Protect Software GmbH) R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2010-04-05] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-16] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2016-09-27] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-09-27] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [30672 2016-12-16] (Avira Operations GmbH & Co. KG) R3 dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [18816 2010-06-09] (RIF) [Datei ist nicht signiert] S3 eapihdrv; C:\Users\Kornelia\AppData\Local\Temp\ehdrv.sys [135760 2017-01-27] (ESET) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59976 2017-01-20] () S3 HCW713x; C:\Windows\System32\DRIVERS\HCW713x.sys [827776 2007-03-26] (Hauppauge Computer Works inc.) 
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [39472 2008-02-14] (Paragon Software Group) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2010-04-05] () R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] () S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [152512 2017-01-27] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [94656 2017-01-30] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-30] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [219584 2017-01-30] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [63264 2017-01-30] (Malwarebytes) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2007-02-27] () S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors) S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2007-01-28] (Sonic Solutions) [Datei ist nicht signiert] R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-25] (Realtek Semiconductor Corporation ) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-10-22] (Duplex Secure Ltd.) R2 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [Datei ist nicht signiert] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-29 14:14 - 2017-01-29 14:14 - 00000000 ____D C:\Users\TEMP.Kornelia-PC\AppData\Local\Real
2017-01-29 14:12 - 2017-01-29 14:15 - 00000000 ____D C:\Users\TEMP.Kornelia-PC
2017-01-28 14:43 - 2017-01-28 14:43 - 00001254 _____ C:\Users\Kornelia\Desktop\MWB.txt
2017-01-28 13:31 - 2017-01-28 13:31 - 00109596 _____ C:\Users\Kornelia\Desktop\TDSSKiller.txt
2017-01-28 13:24 - 2017-01-28 13:31 - 00219282 _____ C:\TDSSKiller.3.1.0.12_28.01.2017_13.24.30_log.txt
2017-01-28 13:22 - 2017-01-28 13:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Kornelia\Desktop\tdsskiller.exe
2017-01-28 01:39 - 2017-01-28 01:39 - 00263328 _____ C:\Users\Kornelia\Desktop\malwarebytes.txt
2017-01-27 23:56 - 2017-01-30 17:53 - 00000000 ____D C:\FRST
2017-01-27 16:27 - 2017-01-27 16:27 - 02870984 _____ (ESET) C:\Users\Kornelia\Desktop\esetsmartinstaller_deu.exe
2017-01-27 16:20 - 2017-01-27 16:20 - 00001898 _____ C:\Users\Kornelia\Desktop\sc-cleaner.txt
2017-01-27 16:12 - 2017-01-27 16:12 - 00015596 _____ C:\Users\Kornelia\Desktop\JRT.txt
2017-01-27 15:27 - 2017-01-27 15:41 - 00000000 ____D C:\AdwCleaner
2017-01-27 14:42 - 2017-01-27 14:42 - 00000000 ____D C:\Users\Kornelia\AppData\Local\AviraSpeedup
2017-01-27 14:35 - 2017-01-27 14:35 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Avira
2017-01-27 13:56 - 2017-01-30 17:48 - 00094656 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-27 13:56 - 2017-01-30 17:48 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-27 13:56 - 2017-01-27 13:56 - 00152512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-27 13:55 - 2017-01-30 17:48 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-27 13:55 - 2017-01-30 17:46 - 00219584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-27 13:55 - 2017-01-27 13:55 - 00002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-27 13:55 - 2017-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-27 13:55 - 2017-01-20 07:47 - 00059976 _____ C:\Windows\system32\Drivers\mbae.sys
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-27 00:03 - 2017-01-27 00:04 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2017-01-26 22:47 - 2017-01-26 22:47 - 00001134 _____ C:\Users\Kornelia\Desktop\Avira Antivirus starten.lnk
2017-01-26 21:06 - 2017-01-26 21:06 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_588a51b66deb0__ws.exe
2017-01-26 19:57 - 2017-01-26 19:57 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Avira
2017-01-26 17:28 - 2017-01-26 17:28 - 00000000 ____D C:\Users\Kornelia\Downloads\Notfall DVD 7.0 Free
2017-01-26 16:35 - 2017-01-26 17:04 - 1276319704 _____ C:\Users\Kornelia\Downloads\Notfall_DVD_7.0_Free.zip
2017-01-26 13:57 - 2017-01-26 13:57 - 00001101 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-26 13:57 - 2017-01-26 13:57 - 00000998 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-26 13:56 - 2017-01-30 17:48 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-26 13:52 - 2017-01-26 13:52 - 00001166 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-26 13:43 - 2017-01-26 13:49 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_5889ec8b9e38c__ws.exe
2017-01-24 23:24 - 2017-01-24 23:24 - 00000936 _____ C:\Users\Kornelia\Desktop\duplicate.txt
2017-01-19 19:22 - 2017-01-19 21:20 - 00000000 ____D C:\Users\Kornelia\Desktop\Rekla Herd
2017-01-12 23:57 - 2017-01-12 23:58 - 00000000 ____D C:\Users\Kornelia\Desktop\SCHULE
2017-01-11 13:22 - 2017-01-05 18:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 13:22 - 2017-01-05 18:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 13:22 - 2017-01-05 18:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 13:22 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 13:22 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 13:22 - 2017-01-05 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 16:32 - 2017-01-25 00:18 - 00040346 _____ C:\Users\Kornelia\Desktop\Dateiliste.xlsx
2017-01-08 21:33 - 2017-01-08 21:33 - 00000000 ____D C:\Users\Kornelia\AppData\Local\CEF
2017-01-07 22:31 - 2017-01-07 22:31 - 00002075 _____ C:\Users\Kornelia\Desktop\JDownloader 2.lnk
2017-01-07 22:31 - 2017-01-07 22:31 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-01-07 22:27 - 2017-01-27 15:13 - 00000000 ____D C:\Users\Kornelia\AppData\Local\JDownloader 2.0
2017-01-07 22:23 - 2017-01-07 22:23 - 00076504 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\WebInstaller.exe
2017-01-07 19:32 - 2017-01-28 20:38 - 00000000 ____D C:\Users\Kornelia\AppData\LocalLow\Mozilla
2017-01-07 19:20 - 2017-01-07 19:20 - 00243720 _____ C:\Users\Kornelia\Downloads\Firefox Setup Stub 50.1.0.exe
2017-01-07 17:29 - 2017-01-24 23:13 - 00000000 ____D C:\Users\Kornelia\Downloads\Downloader
2017-01-07 17:21 - 2017-01-07 17:23 - 26539720 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\JDownloaderSetup.exe
2017-01-07 16:50 - 2017-01-07 16:50 - 00000000 ____D C:\Users\Kornelia\Downloads\Info

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-30 17:53 - 2015-09-16 17:12 - 00000000 ____D C:\Users\Kornelia\Desktop\Neuer Ordner (2)
2017-01-30 17:45 - 2011-07-05 09:31 - 00000000 ____D C:\Users\Kornelia
2017-01-30 17:45 - 2010-03-25 21:41 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-01-30 17:45 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-29 20:48 - 2013-06-11 21:18 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job
2017-01-29 20:48 - 2013-03-01 15:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-29 20:48 - 2010-03-26 02:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-29 14:30 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-29 14:30 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-27 22:23 - 2013-06-11 21:18 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job
2017-01-27 15:43 - 2016-03-27 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-27 15:43 - 2012-04-30 09:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-27 15:40 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2017-01-27 15:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2017-01-27 15:13 - 2011-11-01 11:13 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Vidalia
2017-01-27 15:13 - 2011-07-05 10:25 - 00000000 ____D C:\Windows\Panther
2017-01-27 15:13 - 2011-04-13 13:21 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\skypePM
2017-01-27 15:12 - 2010-10-31 18:18 - 00000000 ___RD C:\Users\Kornelia\Desktop\Tabea Spiele
2017-01-27 15:12 - 2007-10-12 08:47 - 00000000 ____D C:\Program Files\DivX
2017-01-27 14:43 - 2011-07-05 10:27 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-27 14:43 - 2009-07-14 09:47 - 00702942 _____ C:\Windows\system32\perfh007.dat
2017-01-27 14:43 - 2009-07-14 09:47 - 00150582 _____ C:\Windows\system32\perfc007.dat
2017-01-27 14:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-01-27 00:05 - 2010-12-16 14:57 - 00000000 ____D C:\Program Files\GMX
2017-01-26 23:52 - 2011-09-30 10:13 - 00000000 ____D C:\Users\Public\Documents\Tivola_prefs
2017-01-26 23:52 - 2011-02-23 18:14 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\Program Files\Amazon
2017-01-26 23:52 - 2010-03-10 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola
2017-01-26 23:48 - 2011-03-09 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:41 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\DVDVideoSoft
2017-01-26 23:43 - 2016-10-23 15:39 - 00150152 _____ C:\Windows\ntbtlog.txt
2017-01-26 17:26 - 2016-10-24 10:00 - 00120432 _____ C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-26 16:28 - 2016-10-21 23:01 - 00428280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 13:57 - 2016-10-21 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-26 13:57 - 2012-12-22 20:23 - 00000000 ____D C:\Program Files\Avira
2017-01-26 13:57 - 2012-05-20 11:07 - 00000000 ____D C:\ProgramData\Avira
2017-01-26 13:52 - 2015-11-28 11:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 13:30 - 2011-04-05 15:08 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-01-25 13:21 - 2012-02-26 18:45 - 00000000 ____D C:\Users\Kornelia\Downloads\Heidi
2017-01-24 23:47 - 2011-04-05 14:45 - 00000000 ____D C:\ProgramData\Norton
2017-01-23 15:51 - 2012-01-17 15:04 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Microsoft Help
2017-01-23 12:32 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-22 00:11 - 2016-08-14 14:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 21:19 - 2010-04-01 21:23 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\COREL
2017-01-19 21:13 - 2010-04-29 21:48 - 00000000 ____D C:\Users\Kornelia\Documents\My PSP Files
2017-01-19 21:13 - 2010-04-22 22:31 - 00001786 ___SH C:\Windows\system32\KGyGaAvL.sys
2017-01-11 23:30 - 2013-09-01 10:47 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 23:19 - 2011-08-09 13:50 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-10 19:31 - 2012-05-27 00:08 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-01-10 19:31 - 2011-09-06 09:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-01-10 19:31 - 2010-03-13 11:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-08 21:33 - 2010-03-12 09:41 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Adobe
2017-01-07 19:31 - 2011-10-05 01:27 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-07 19:31 - 2010-03-06 17:48 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program 
Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () 
C:\Program Files\DXSETUP.exe 2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program 
Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 05:22 - 2010-06-02 
05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 
05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program 
Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2010-10-22 14:05 - 2010-10-22 14:46 - 0000388 _____ () C:\Users\Kornelia\AppData\Roaming\burnaware.ini
2013-12-18 23:02 - 2013-12-19 00:05 - 0000679 _____ () C:\Users\Kornelia\AppData\Local\cookies.ini
2011-08-17 17:39 - 2015-07-28 17:08 - 0008192 _____ () C:\Users\Kornelia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-26 18:23 - 2011-07-26 18:23 - 0000000 _____ () C:\Users\Kornelia\AppData\Local\{38D64D27-A406-4959-8E9F-79A45D04043C}

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2011-07-05 09:26

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 29-01-2017
durchgeführt von Kornelia (30-01-2017 18:00:48)
Gestartet von C:\Users\Kornelia\Desktop\Neuer Ordner (2)
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-05 09:33:53)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1736235967-2657770174-236075978-500 - Administrator - Disabled)
Gast (S-1-5-21-1736235967-2657770174-236075978-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1736235967-2657770174-236075978-1005 - Limited - Enabled)
Konni (S-1-5-21-1736235967-2657770174-236075978-1003 - Administrator - Enabled)
Kornelia (S-1-5-21-1736235967-2657770174-236075978-1001 - Administrator - Enabled) => C:\Users\Kornelia
Tabea (S-1-5-21-1736235967-2657770174-236075978-1002 - Limited - Enabled) => C:\Users\Tabea

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Aladins Wunderlampe (HKLM\...\Aladins Wunderlampe_is1) (Version: - ) Alamandi (HKLM\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH) Amazon Music (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Annabel (HKLM\...\Annabel) (Version: 1.0.0.0 - INTENIUM GmbH) ATI Catalyst Install Manager (HKLM\...\{CC516453-9703-ABF9-201F-58A5EC567292}) (Version: 3.0.642.0 - ATI Technologies, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.4.3.30556 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 3.1.1.4250 - Avira Operations GmbH & Co. 
KG) Azada ™: Ancient Magic (HKLM\...\BFG-Azada - Ancient Magic) (Version: - ) Azada: In Libro (HKLM\...\BFG-Azada - In Libro) (Version: - ) Azteca (HKLM\...\Azteca) (Version: 1.0.0.0 - INTENIUM GmbH) Beetle Ju 2 (HKLM\...\Beetle Ju 2) (Version: 1.0.0.0 - INTENIUM GmbH) Bengal (HKLM\...\Bengal) (Version: 1.0.1.0 - INTENIUM GmbH) Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 2.0.0.28 - ) Botanica - Reise ins Unbekannte (HKLM\...\BFG-Botanica - Reise ins Unbekannte) (Version: - ) calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal) ccc-core-static (Version: 2007.0821.2146.36991 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Chinese Checkers (HKLM\...\40-com.novelgames.flashgames.checkers) (Version: 1.8.0 - Novel Games Limited) Chinese Checkers (Version: 1.8.0 - Novel Games Limited) Hidden Corel Paint Shop Pro Photo XI (HKLM\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.20.0000 - Corel Corporation) Corel Snapfire DVD Maker (HKLM\...\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}) (Version: 1.20.0000 - Corel Corporation) Corel Snapfire Plus (HKLM\...\{7ADE3A47-B425-45E9-8FF6-11BE2B775645}) (Version: 1.201.0000 - Corel Corporation) CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.) 
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Da Vincis Perlen Puzzle (HKLM\...\Da Vincis Perlen Puzzle) (Version: - ) Das Reich des Drachen (HKLM\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH) Das Vermächtnis - Der Baum des Lebens (1.00) (HKLM\...\Das Vermächtnis - Der Baum des Lebens_is1) (Version: - City Interactive) Der Perfekte Weihnachtsbaum (HKLM\...\Der Perfekte Weihnachtsbaum) (Version: 1.0.0.0 - INTENIUM GmbH) DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH) Diamantenfee 2 (HKLM\...\Diamantenfee 2) (Version: 1.0.0.0 - INTENIUM GmbH) Diamond Drop 2 (HKLM\...\Diamond Drop 2) (Version: 1.0.0.0 - INTENIUM GmbH) DIE GEHEIMNISSE DER SPIDERWICKS (HKLM\...\{DFA723CE-22B4-4E6B-92CF-176256ECF2DE}) (Version: 1.00.0000 - Sierra Entertainment) Die Kluge Eule (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Die Kluge Eule) (Version: - ) Die Wiege Olympias 2 (HKLM\...\Die Wiege Olympias 2) (Version: 1.0.0.0 - INTENIUM GmbH) DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC) Drawn: ® Flucht aus der Dunkelheit (HKLM\...\BFG-Drawn - Flucht aus der Dunkelheit) (Version: - ) Drawn: Der Turm ™ (HKLM\...\BFG-Drawn - Der Turm) (Version: - ) Dream Chronicles (HKLM\...\Dream Chronicles) (Version: - PlayFirst, Inc.) Dream Chronicles ™ 2: The Eternal Maze (HKLM\...\BFG-Dream Chronicles 2 - The Eternal Maze) (Version: - ) DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version: - ) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) 
Emil und Pauline Auf dem Land (remove only) (HKLM\...\Emil und Pauline Auf dem Land) (Version: - ) Emil und Pauline In der Stadt (remove only) (HKLM\...\Emil und Pauline In der Stadt) (Version: - ) Enigmatis - Vermisst in Maple Creek (HKLM\...\Enigmatis - Vermisst in Maple Creek_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Ewige Reise - Das neue Atlantis (HKLM\...\Ewige Reise - Das neue Atlantis) (Version: - ) Fabled Legends: Die Ruckkehr des Rattenfangers (HKLM\...\BFG-Fabled Legends - Die Rueckkehr des Rattenfaengers) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FarmFrenzy (HKLM\...\FarmFrenzy) (Version: - ) Finstere Liebschaft - Immortal Lovers (HKLM\...\Finstere Liebschaft - Immortal Lovers) (Version: - ) foobar2000 v1.0.3 (HKLM\...\foobar2000) (Version: 1.0.3 - Peter Pawlowski) Forest Legends - Der Ruf der Liebe (HKLM\...\Forest Legends - Der Ruf der Liebe) (Version: - ) FormatFactory 3.5.0.0 (HKLM\...\FormatFactory) (Version: 3.5.0.0 - Format Factory) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.0.320 - DVDVideoSoft Ltd.) Galileo Family Quiz - Spezial II (HKLM\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia) Geheimakte 2 - Puritas Cordis (HKLM\...\{BE7347AD-2D93-4A74-8DBF-C1B073DAE509}) (Version: 1.00.0000 - Deep Silver) Geheime Fälle: Die gestohlene Venus (HKLM\...\Geheime Fälle: Die gestohlene Venus) (Version: 1.0.0.0 - INTENIUM GmbH) Geheimnis von Montezuma 2 (HKLM\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH) GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG) GMX SMS-Manager (Version: 2.7.2 - 1 und 1 Internet AG) Hidden Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) 
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Gravely Silent: Haus des Schreckens (HKLM\...\BFG-Gravely Silent - Haus des Schreckens) (Version: - ) Haunted Manor: Der Herr der Spiegel (HKLM\...\BFG-Haunted Manor - Der Herr der Spiegel) (Version: - ) Hauppauge MCE XP/Vista Software Encoder (2.0.25102) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25102 - Hauppauge Computer Works, Inc.) Heroes of Hellas (HKLM\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills) Hexentanz und Firlefanz (HKLM\...\Hexentanz und Firlefanz) (Version: - ) Hidden Expedition ® : Bermudadreieck (HKLM\...\BFG-Hidden Expedition - Bermudadreieck) (Version: - ) Hidden Mysteries Salem Secrets (HKLM\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - astrogon Software) Hidden Mysteries Vampire Secrets (HKLM\...\Hidden Mysteries Vampire Secrets) (Version: 1.0 - astragon Software) Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JetBee FREE 5.1.2 (build 456) (HKLM\...\JetBee_is1) (Version: - ) Jewel Puzzle (HKLM\...\Jewel Puzzle) (Version: 1.0.0.0 - INTENIUM GmbH) Kleiner Eisbär 2 (HKLM\...\Kleiner Eisbär 2) (Version: - ) Kuros (HKLM\...\Kuros) (Version: 1.0.0.0 - INTENIUM GmbH) Lauras Stern (HKLM\...\Lauras Stern) (Version: - ) Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service) LightScribe System Software 1.17.90.1 (HKLM\...\{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}) (Version: 1.17.90.1 - LightScribe) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) 
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Manic Digger (HKLM\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Midnight Mysteries Salem Witch Trials (HKLM\...\Midnight Mysteries Salem Witch Trials) (Version: 1.1.0.0 - MumboJumbo) Mozilla Firefox 51.0.1 (x86 de) (HKLM\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery Case Files®: Dire Grove™ (HKLM\...\BFG-Mystery Case Files - Dire Grove) (Version: - ) Mystery Case Files: Madame Fate ® (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst Handbuch ™ (HKLM\...\BFG-Mystery Case Files - Rueckkehr nach Ravenhearst Handbuch) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst ™ (HKLM\...\BFG-Mystery Case 
Files - Rueckkehr nach Ravenhearst) (Version: - ) Mystery Case Files: Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Ravenhearst) (Version: - ) Mystery of Cleopatra (HKLM\...\Mystery of Cleopatra 1.0) (Version: 1.0 - Rondo Media) Mystery Places - Das Geheimnis der Geistervilla (HKLM\...\Mystery Places - Das Geheimnis der Geistervilla_is1) (Version: - ) Mystery Tales - Insel der Träume (HKLM\...\{2C0AC9A4-3FA8-4B71-848E-9BB9D492BC2E}_is1) (Version: - cerasus.media GmbH) Mystery Trackers: Raincliff (HKLM\...\BFG-Mystery Trackers - Raincliff) (Version: - ) Natalie Brooks (HKLM\...\Natalie Brooks) (Version: - ) Nero 7 Essentials (HKLM\...\{0DE739CA-9487-4E3E-8511-92EAF01F1031}) (Version: 7.03.0274 - Nero AG) Nightfall Mysteries - Die Ashburg Verschwörung (HKLM\...\Nightfall Mysteries - Die Ashburg Verschwörung_is1) (Version: - rondomedia) Pahelika: Secret Legends (HKLM\...\Pahelika: Secret Legends) (Version: - The Games Company Worldwide GmbH) Paragon Hard Disk Manager 2008 Professional (HKLM\...\{E9E4BB29-FA98-401B-9EDE-9906906E33DE}) (Version: - Paragon Software Group) PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polipo 1.0.4.1 (HKLM\...\Polipo) (Version: - ) Prinzessin Isabella (HKLM\...\Prinzessin Isabella) (Version: 1.0.0.0 - INTENIUM GmbH) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) ProtectDisc Helper Driver 10 (HKLM\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - ) Radiotracker (HKLM\...\{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}) (Version: 6.2.13700.0 - RapidSolution Software AG) ratDVD 0.78.1444 (HKLM\...\ratDVD) (Version: 0.78.1444 - ratDVD) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) RealDownloader (Version: 18.1.2.176 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks) Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Rooms - Die Villa 1.0d (HKLM\...\Rooms - Die Villa) (Version: 1.0d - Halycon Media) Samantha Swift and the Mystery From Atlantis (HKLM\...\Samantha Swift and the Mystery From Atlantis) (Version: 1.1.0.0 - MumboJumbo) Sandra Fleming Chronicles – Crystal Skulls (HKLM\...\Sandra Fleming Chronicles – Crystal Skulls) (Version: 1.0.0.0 - INTENIUM GmbH) Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Simajo (HKLM\...\Simajo) (Version: - ) Skins (Version: 2007.0821.2146.36991 - ATI) Hidden Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB) Sony PC Companion 2.10.188 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony) Spirits of Mystery: Dunkler Fluch (HKLM\...\BFG-Spirits of Mystery - Dunkler Fluch) (Version: - ) Spur der Träume (HKLM\...\Spur der Träume) (Version: 1.0.0.0 - INTENIUM GmbH) Sweet Home 3D version 3.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Enchanted Kingdom: Elisa’s Adventure (HKLM\...\The Enchanted Kingdom: Elisa’s Adventure) (Version: 1.0.0.0 - INTENIUM GmbH) The Fall Trilogy (HKLM\...\The Fall Trilogy_is1) (Version: - Morphicon) The Fall Trilogy Chapter 2 (HKLM\...\The Fall Trilogy Chapter 2_is1) (Version: - Morphicon) The Night of the Rabbit (HKLM\...\The Night of the Rabbit) (Version: 1.0 - Daedalic Entertainment) The Sultans Labyrinth: Das Opfer des Königs (HKLM\...\BFG-The Sultans Labyrinth - Das Opfer des Koenigs) (Version: - ) <==== ACHTUNG Tor 0.2.2.35 (HKLM\...\Tor) (Version: - ) TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trödelschätze (HKLM\...\{AC368309-A247-42C0-9AAF-ABB2E067B79C}) (Version: 1.00.0000 - Valusoft) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden Turtix (HKLM\...\Turtix) (Version: - ) Turtix 2 (HKLM\...\Turtix 2) (Version: - ) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Vernaeht und zugeflixt! Was stimmt denn hier nicht? (HKLM\...\Vernaeht und zugeflixt! Was stimmt denn hier nicht?) (Version: - ) Vidalia 0.2.15 (HKLM\...\Vidalia) (Version: - ) Video Downloader (Version: 1.2.0 - RealNetworks) Hidden Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.6.4 - Shark007) VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) Wieso? Weshalb? Warum? - Unser Körper (HKLM\...\com.rd.www.desktop.DesktopBody) (Version: 1.0.0 - Ravensburger Digital GmbH) Wieso? Weshalb? Warum? 
- Unser Körper (Version: 1.0.0 - Ravensburger Digital GmbH) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WordPerfect Office X3 (HKLM\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation)
WordPerfect Office X3 (Version: 13.3 - Corel Corporation) Hidden
World Voyage (HKLM\...\World Voyage) (Version: 1.0.0.0 - INTENIUM GmbH)
XMedia Recode 2.3.0.4 (HKLM\...\XMedia Recode) (Version: 2.3.0.4 - Sebastian Dörfler)
XMind 2013 (v3.4.1) (HKLM\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
Zuma's Revenge! (HKLM\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) 
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad CustomCLSID: 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> kein Dateipfad ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {032A98DE-A547-4FB1-97B4-777E85FCE80F} - System32\Tasks\{51ECF608-A47D-464B-892E-9A3067C4CA0E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {04338029-ABEF-4DB2-A56D-FF0641970A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {08FA19ED-87A2-4BE4-B4F6-1170192766D0} - System32\Tasks\{1D76B916-65CA-47A7-9DD1-C614C8F74E56} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {0922A476-D472-4C6B-AF0D-283C447FF4F0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {248BA49A-31FC-4CBC-AC12-0AD50B3730CD} - System32\Tasks\{2D2CF1E0-A39F-4435-B084-62C323AD4F56} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {262EF14E-2D04-4238-8DD2-2B9AFBBAEC1F} - System32\Tasks\{D62DA859-B3A5-4A8C-8643-BC908C434082} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {2B93871E-90A6-4BD6-B5B2-2B2CCE5A5740} - System32\Tasks\{C791566E-54A6-4DAF-8C0F-0153AA08A504} => pcalua.exe -a D:\Software\Nero\setupx.exe -d D:\Software\Nero Task: {2D4FEC81-5640-445A-97C1-A780D1FD2CD8} - System32\Tasks\{3D22388D-753E-494E-8F61-D351F8E67C68} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {34B169BF-29C1-4D9E-ABAD-DD33D6A48488} - System32\Tasks\{AA3E9FEA-EE1C-4BD0-A6EE-0AB550AE278F} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {3C30CE7A-A21F-4478-8DFD-AB4484B05538} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated) Task: {3F4F5314-363F-4D5F-AD46-3C6D3EAA7DDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {40B72FB4-CFE2-4347-A69C-6AA6A1291F0F} - System32\Tasks\{CC841AF3-7C05-4252-BDD9-2A3892CD4929} => Firefox.exe Task: {474C30BF-0A7E-4DC2-9E6B-369B154E8229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) 
Task: {49897270-27FE-4B7E-A4F9-1B4F8AE27E3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {49E28B95-9408-4715-97DA-1AB7339805C6} - System32\Tasks\{EA4F2F72-7C23-4AB9-8184-245B49DE749F} => C:\Program Files\DEUTSCHLAND SPIELT\BeetleJu2 VollVersion\BeetleJu2_og.exe [2010-11-23] (INTENIUM GmbH) Task: {4C08C992-D45F-4D07-9702-9FF2FB1E7DA0} - System32\Tasks\{7D0AE273-2305-48F1-AF5C-46BFD622F47E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4E016ADD-5044-4D20-841E-C43FFE2861BD} - System32\Tasks\{F4A27F14-3152-470D-9565-039442275C50} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4EC8D6F7-19A4-43EB-A744-BF2A0A15F56E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {50748F55-16EA-4C55-8547-7EC1D0947037} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] () Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {5AC92F98-B42E-4F21-9AA0-01AD0439642E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {5B3F853B-FE70-4847-8631-186551D7012C} - System32\Tasks\{07CBC734-EBA5-454A-913B-EC737132222F} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {66D53617-940A-4E05-871F-28B9007E2CC3} - System32\Tasks\{9BFE3ECE-693E-45CE-A00E-7DC315188CEC} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {6B725544-E42B-4580-B4AE-E272703AF399} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {6C42F0C8-5E73-4DE6-A971-9CE99159C71D} - System32\Tasks\{71507EB2-BF35-48B0-8135-FCBC7D54BAEC} => C:\Program 
Files\Avira\AntiVir Desktop\avcenter.exe Task: {77D92D5C-1736-4593-BC70-36551C747A1A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {78201B2F-5E80-4168-B233-7212E7A89D0D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.) Task: {7DD6E2A0-C6F1-4EFD-92B0-4A0D547C24C5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {893B18BE-C091-4B27-9D76-82F0BCA99813} - System32\Tasks\{84074564-9C97-48A0-BBB3-89DAB27B7C9B} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9240E8E9-1D41-40BA-B4DE-32542C7145DB} - System32\Tasks\{97E672C4-E6D1-4ED6-99D8-B122A1F86FC0} => pcalua.exe -a D:\DVPP\Setup.exe -d D:\DVPP Task: {979D3F17-6619-45C5-B404-606838B44253} - System32\Tasks\{E4546B87-1D17-4B95-A0A5-37522F5D05EF} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9C2F05E8-F861-43CF-987B-095EF430F405} - System32\Tasks\{F3AEE607-769D-4C8B-824B-88BEB035F102} => pcalua.exe -a C:\Spiele\Lillifee\setup.exe -d D: Task: {B0993B05-978C-4A15-AA87-B18AB9A99EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {B37A6E42-727E-4E31-A77C-04022A464880} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {BFD53BF4-19B8-4502-92DD-7D926FFA8CA6} - System32\Tasks\{EC680A57-E7BC-4A66-8FBB-20A511FDFA89} => pcalua.exe -a D:\bin\EasyInst.exe -d D:\ Task: {C8250CB2-F11F-4A98-95BB-BA5E812E6A7E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {DAAAE172-7743-4C96-B232-DCC0F5FC7607} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) Task: {DBF5DE37-8E99-4B07-813D-41126EA90DB3} - System32\Tasks\{81430713-60CA-4B71-8FBB-D14DA0751514} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {F0E42A33-0E8E-4BB2-80F9-8418E2340E57} - System32\Tasks\{287D07D5-E1D7-4882-9C98-35680FC50E9A} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {F20691E7-0B1D-438A-ABD0-2D94FF823CEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {F526EC9D-6127-42C8-A3B4-E081029D3F7D} - System32\Tasks\{3DEE68DB-465B-46BB-87CD-D6BEE805EFD1} => C:\Program Files\Daedalic Entertainment\The Night of the Rabbit\rabbit.exe [2013-04-28] (Daedalic Entertainment GmbH) Task: {FB0BD155-6754-4ECC-9711-162FE2741D51} - System32\Tasks\Amazon Music Helper => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-12-08] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-01-17 15:57 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe 2006-11-02 11:40 - 2006-11-02 11:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe 2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll 2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll 2017-01-27 13:54 - 2017-01-20 07:47 - 01732896 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-27 13:55 - 2017-01-20 07:47 - 01719760 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-27 13:55 - 2017-01-20 07:47 - 02097616 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2010-06-09 18:10 - 2009-10-23 18:34 - 00827904 _____ () C:\Program 
Files\dvd43\DVD43_Tray.exe 2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe 2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll 2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll 2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll 2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll 2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll 2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll 2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll 2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll 2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll 2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll 2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll 2016-07-05 17:18 - 2016-07-05 17:18 - 00714992 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 2016-07-05 17:13 - 2016-07-05 17:13 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00653608 _____ () c:\program 
files\real\realplayer\RPDS\Lib\r1api.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00022312 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 01520936 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 04274984 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll 2015-11-28 11:37 - 2015-11-28 11:37 - 00322856 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll 2015-10-02 18:33 - 2012-10-25 15:19 - 00846848 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe 2015-10-02 18:33 - 2012-10-25 15:19 - 01401344 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll 2015-10-02 18:33 - 2012-12-04 15:22 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll 2015-10-02 18:33 - 2012-10-25 15:19 - 00293376 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\TEMP:24FECE50 [398] AlternateDataStreams: C:\ProgramData\TEMP:260575F1 [422] AlternateDataStreams: C:\ProgramData\TEMP:35501BA4 [368] AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6 [183] AlternateDataStreams: C:\ProgramData\TEMP:574F975B [184] AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675 [171] AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C [128] AlternateDataStreams: C:\ProgramData\TEMP:A4AF8D0D [169] AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100] AlternateDataStreams: C:\ProgramData\TEMP:B139DDF3 [173] AlternateDataStreams: C:\ProgramData\TEMP:B8791731 [170] AlternateDataStreams: C:\ProgramData\TEMP:BEE39E9B [190] AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112] AlternateDataStreams: C:\ProgramData\TEMP:E51234A9 [154] AlternateDataStreams: C:\ProgramData\TEMP:FAB64002 [164] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.exe: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.scr: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.bat: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.com: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.cmd: => <===== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.reg: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.exe - Verknüpfung.lnk => C:\Windows\pss\AOButler.exe - Verknüpfung.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Kornelia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.lnk => C:\Windows\pss\AOButler.lnk.Startup MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{771781D7-42F2-4719-BCFC-468823CD634A}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F8F60273-BD4C-4058-B246-6F633BD6A891}] => LPort=1900 FirewallRules: [{20D276B1-3C90-4929-8A32-E4ACCBECC2C8}] => LPort=2869 FirewallRules: [{3355F104-DC9F-42F3-8E9D-3BF5DBF8FEB3}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0BEA84F4-2656-475A-AE06-59E81719D75F}] => svchost.exe FirewallRules: [{2BFBBFCF-8C85-480D-A055-0DB5677BDCDE}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{5B4D0C77-79AF-4923-BDC1-B51891E48444}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [UDP Query User{BC460BB0-BD68-48F3-BEB2-47578A7623D9}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{2339DF44-A7DD-4E22-A32A-32DCC95DC337}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{A59E1834-01D3-478B-90C5-6E1D4924AFDB}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{AEB0C184-B9E4-434C-B087-A14CA1DF867B}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{08572AF5-8353-4B61-B8C0-24C618870A9E}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{670FA4AF-6DA8-487A-91EE-B07143EB2170}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8BD40ABE-22B5-4230-B66B-47D3BD3D0390}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{55D99CB2-C725-42FC-847A-5909C961EAE8}] => C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{85FDB52D-7A01-43A8-9009-6A168010138A}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{8758F947-09B2-41DF-88EC-579BC9CA03E7}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{459568E9-83FC-4C8A-9663-91C2C9B6026F}] => C:\Program 
Files\Mozilla Firefox\firefox.exe FirewallRules: [{92605963-E425-410C-BB6E-8F4EDEA0C349}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D48E3507-9052-45D0-9E44-24AC955777AA}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4ED3AA0F-7E02-449A-BAA4-34B72C42BF3C}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{A8E2B43C-F558-48C1-A629-118843C42FE8}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [{84839E9D-9BF0-4CCD-A922-70507EA96606}] => c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{175EF583-D4BB-4455-BF80-3778A39EAEAC}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{189936DE-97ED-4FCF-AFD9-FA1ABFB6C531}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D0577CA9-F454-408A-ACDF-7F280302E7BD}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{95DF96B5-51A5-4BAD-8FE7-4BC3CF9AF3DF}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D81DFAC4-5EE4-4BF8-A94D-84503C9C6E7F}] => C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{88496792-6A83-4826-9392-C3A2DBF731BE}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{08F10482-4231-4238-9029-5220201C0B87}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{3199F9F6-FD40-4F4E-B578-F886A82D57DA}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe FirewallRules: [UDP Query User{AE639368-64F0-4A58-B6CA-0EE42A599710}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => 
C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe ==================== Wiederherstellungspunkte ========================= 24-01-2017 15:04:25 Windows Update 27-01-2017 15:11:14 Avira System Speedup Optimierung 27-01-2017 16:04:18 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: atksgt Description: atksgt Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: atksgt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: sptd Description: sptd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sptd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 02:50:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x15a4 Startzeit der fehlerhaften Anwendung: 0x01d27a35cd75a541 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: e30ce1ad-e629-11e6-aa4c-001d607b2853 Error: (01/29/2017 02:43:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x1368 Startzeit der fehlerhaften Anwendung: 0x01d27a34d2826c97 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: f5cc0ce1-e628-11e6-aa4c-001d607b2853 Error: (01/29/2017 02:36:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 
0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x15c8 Startzeit der fehlerhaften Anwendung: 0x01d27a3288bbadc4 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: f726ff1b-e627-11e6-aa4c-001d607b2853 Error: (01/29/2017 02:18:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Kornelia-PC) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (01/29/2017 02:18:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Kornelia-PC) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Error: (01/29/2017 02:18:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Kornelia-PC) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Systemfehler: ============= Error: (01/30/2017 05:50:30 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. 
Error: (01/30/2017 05:50:30 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. Error: (01/30/2017 05:50:30 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. Error: (01/30/2017 05:50:30 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. Error: (01/30/2017 05:48:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (01/30/2017 05:45:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdatem)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (01/30/2017 05:45:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdatem) erreicht. 
Error: (01/30/2017 05:45:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update Service (gupdate1cacc58a1955820)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (01/30/2017 05:45:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate1cacc58a1955820) erreicht. Error: (01/30/2017 05:45:15 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT) Description: 0x8000002a32\??\C:\Users\Kornelia\ntuser.dat ==================== Memory info =========================== Processor: AMD Athlon(tm) X2 Dual Core Processor BE-2300 Prozentuale Nutzung des RAM: 79% Installierter physikalischer RAM: 1918.49 MB Verfügbarer physikalischer RAM: 396.49 MB Summe virtueller Speicher: 3836.98 MB Verfügbarer virtueller Speicher: 1740.49 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:242.77 GB) (Free:93.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive e: () (Fixed) (Total:207.36 GB) (Free:35.49 GB) NTFS Drive g: (Black) (Fixed) (Total:465.76 GB) (Free:413.34 GB) NTFS Drive i: (EXTERN 2 -Spiegel-) (Fixed) (Total:242.77 GB) (Free:143.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive m: (EXTERN 1 -DATEN-) (Fixed) (Total:1255.2 GB) (Free:437.65 GB) NTFS Drive n: (EXTERN 3) (Fixed) (Total:100 GB) (Free:99.87 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C76EBDA3) Partition 1: (Active) - (Size=242.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=15.6 GB) - (Type=27) Partition 3: (Not Active) - (Size=207.4 GB) - (Type=07 NTFS) 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C921633) Partition 1: (Not Active) - (Size=1255.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=507.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 256E7802) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
30.01.2017, 20:59 | #11 | |
/// TB-Ausbilder | Windows 7: OpenCandy.Gen detections in safe mode
Hi, please note:
Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written for that setup. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the cleanup is complete; we may need some of them more than once. |
30.01.2017, 21:13 | #12 |
| Windows 7: OpenCandy.Gen detections in safe mode
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017 durchgeführt von Kornelia (Administrator) auf KORNELIA-PC (30-01-2017 21:06:50) Gestartet von C:\Users\Kornelia\Desktop Geladene Profile: Kornelia (Verfügbare Profile: Kornelia & Tabea) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe () C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe () C:\Windows\System32\PSIService.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe () C:\Program Files\dvd43\DVD43_Tray.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe (Intenium) C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe (Google) C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-01] (Realtek Semiconductor)
HKLM\...\Run: [dvd43] => C:\Program Files\dvd43\dvd43_tray.exe [827904 2009-10-23] ()
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [286992 2015-11-28] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [917576 2016-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup Tray] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Alamandi tray notifier] => C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe [394992 2012-07-10] (Intenium)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Facebook Update] => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-11] (Facebook Inc.)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Amazon Music] => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {dd31715e-6298-11df-b571-001d607b2853} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {fdc8adba-0935-11e2-a19e-001d607b2853} - G:\DPFMate.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2013-01-10]
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-11-28]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-10-02]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Konni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-03-04]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Tabea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-30]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
GroupPolicy: Beschränkung ? <======= ACHTUNG
GroupPolicy\User: Beschränkung ? <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-1736235967-2657770174-236075978-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{23F9AFAB-2021-4A7D-9477-EBCFE8F59F7E}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{9AD09A44-51EC-4D6E-9E93-74F49F171E7E}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art URLSearchHook: HKU\S-1-5-21-1736235967-2657770174-236075978-1001 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-11-04] (RealDownloader) BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> 
C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-15] (Sun Microsystems, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-15] (Sun Microsystems, Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default [2017-01-30] FF SelectedSearchEngine: Mozilla\Firefox\Profiles\20811wxw.default -> FF Homepage: Mozilla\Firefox\Profiles\20811wxw.default -> about:home FF Session Restore: Mozilla\Firefox\Profiles\20811wxw.default -> ist aktiviert. 
FF NetworkProxy: Mozilla\Firefox\Profiles\20811wxw.default -> type", 1 FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com [2017-01-26] FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com.xpi [2017-01-08] FF Extension: (FacebookBlocker) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\facebookBlocker@webgraph.com [2014-02-16] [ist nicht signiert] FF Extension: (NO Google Analytics) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2016-06-09] FF Extension: (Official My JDownloader AddOn) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2017-01-07] FF Extension: (Test Pilot) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\testpilot@labs.mozilla.com.xpi [2016-09-01] FF Extension: (NoScript) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-01-20] FF Extension: (Adblock Plus) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-16] FF Extension: (Torbutton) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2012-10-11] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-07-05] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: 
[{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-27] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-15] (Sun Microsystems, Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-11-28] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-08] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-08] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-11-28] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1736235967-2657770174-236075978-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-15] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-27] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-27] (RealPlayer Cloud) Chrome: ======= CHR DefaultProfile: Default CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\gcswf32.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => Keine Datei CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll => Keine Datei CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\pdf.dll => Keine Datei CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Profile: C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default [2017-01-27] CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-16] CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-16] CHR Extension: (RealDownloader) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-08] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-16] CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-07] CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-15] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1089592 2016-12-16] (Avira Operations GmbH & Co. 
KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1490296 2016-12-16] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG) S3 CGVPNCliSrvc; C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH) S2 gupdate1cacc58a1955820; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-02] (Google Inc.) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-06] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes) U2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert] R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] () R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1095976 2015-11-28] (RealNetworks, Inc.) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert] R2 SpeedupService; C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co. 
KG) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2010-03-10] (Protect Software GmbH) [Datei ist nicht signiert] R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2010-12-28] (Protect Software GmbH) R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2010-04-05] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-16] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2016-09-27] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-09-27] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [30672 2016-12-16] (Avira Operations GmbH & Co. KG) R3 dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [18816 2010-06-09] (RIF) [Datei ist nicht signiert] S3 eapihdrv; C:\Users\Kornelia\AppData\Local\Temp\ehdrv.sys [135760 2017-01-27] (ESET) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59976 2017-01-20] () S3 HCW713x; C:\Windows\System32\DRIVERS\HCW713x.sys [827776 2007-03-26] (Hauppauge Computer Works inc.) 
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [39472 2008-02-14] (Paragon Software Group) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2010-04-05] () R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] () S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [152512 2017-01-27] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [94656 2017-01-30] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-01-30] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [219584 2017-01-30] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [63264 2017-01-30] (Malwarebytes) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2007-02-27] () S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors) S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2007-01-28] (Sonic Solutions) [Datei ist nicht signiert] R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-25] (Realtek Semiconductor Corporation ) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-10-22] (Duplex Secure Ltd.) R2 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [Datei ist nicht signiert] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-30 21:06 - 2017-01-30 21:07 - 00028753 _____ C:\Users\Kornelia\Desktop\FRST.txt 2017-01-29 14:14 - 2017-01-29 14:14 - 00000000 ____D C:\Users\TEMP.Kornelia-PC\AppData\Local\Real 2017-01-29 14:12 - 2017-01-29 14:15 - 00000000 ____D C:\Users\TEMP.Kornelia-PC 2017-01-28 14:43 - 2017-01-28 14:43 - 00001254 _____ C:\Users\Kornelia\Desktop\MWB.txt 2017-01-28 13:31 - 2017-01-28 13:31 - 00109596 _____ C:\Users\Kornelia\Desktop\TDSSKiller.txt 2017-01-28 13:24 - 2017-01-28 13:31 - 00219282 _____ C:\TDSSKiller.3.1.0.12_28.01.2017_13.24.30_log.txt 2017-01-28 13:22 - 2017-01-28 13:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Kornelia\Desktop\tdsskiller.exe 2017-01-28 13:03 - 2017-01-30 17:52 - 01762816 _____ (Farbar) C:\Users\Kornelia\Desktop\FRST.exe 2017-01-28 01:39 - 2017-01-28 01:39 - 00263328 _____ C:\Users\Kornelia\Desktop\malwarebytes.txt 2017-01-27 23:56 - 2017-01-30 21:06 - 00000000 ____D C:\FRST 2017-01-27 16:27 - 2017-01-27 16:27 - 02870984 _____ (ESET) C:\Users\Kornelia\Desktop\esetsmartinstaller_deu.exe 2017-01-27 16:20 - 2017-01-27 16:20 - 00001898 _____ C:\Users\Kornelia\Desktop\sc-cleaner.txt 2017-01-27 16:12 - 2017-01-27 16:12 - 00015596 _____ C:\Users\Kornelia\Desktop\JRT.txt 2017-01-27 15:27 - 2017-01-27 15:41 - 00000000 ____D C:\AdwCleaner 2017-01-27 14:42 - 2017-01-27 14:42 - 00000000 ____D C:\Users\Kornelia\AppData\Local\AviraSpeedup 2017-01-27 14:35 - 2017-01-27 14:35 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Avira 2017-01-27 13:56 - 2017-01-30 21:06 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-01-27 13:56 - 2017-01-30 17:48 - 00094656 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-01-27 13:56 - 2017-01-27 13:56 - 00152512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-01-27 13:55 - 2017-01-30 17:48 - 00039360 
_____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-01-27 13:55 - 2017-01-30 17:46 - 00219584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-01-27 13:55 - 2017-01-27 13:55 - 00002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-27 13:55 - 2017-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-27 13:55 - 2017-01-20 07:47 - 00059976 _____ C:\Windows\system32\Drivers\mbae.sys 2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-27 00:03 - 2017-01-27 00:04 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2017-01-26 22:47 - 2017-01-26 22:47 - 00001134 _____ C:\Users\Kornelia\Desktop\Avira Antivirus starten.lnk 2017-01-26 21:06 - 2017-01-26 21:06 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_588a51b66deb0__ws.exe 2017-01-26 19:57 - 2017-01-26 19:57 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Avira 2017-01-26 17:28 - 2017-01-26 17:28 - 00000000 ____D C:\Users\Kornelia\Downloads\Notfall DVD 7.0 Free 2017-01-26 16:35 - 2017-01-26 17:04 - 1276319704 _____ C:\Users\Kornelia\Downloads\Notfall_DVD_7.0_Free.zip 2017-01-26 13:57 - 2017-01-26 13:57 - 00001101 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2017-01-26 13:57 - 2017-01-26 13:57 - 00000998 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2017-01-26 13:56 - 2017-01-30 17:48 - 00000000 ____D C:\Users\Public\Speedup Sessions 2017-01-26 13:52 - 2017-01-26 13:52 - 00001166 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-01-26 13:43 - 2017-01-26 13:49 - 04581024 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Kornelia\Downloads\avira_de_fass0_5889ec8b9e38c__ws.exe 2017-01-24 23:24 - 2017-01-24 23:24 - 00000936 _____ C:\Users\Kornelia\Desktop\duplicate.txt 2017-01-19 19:22 - 2017-01-19 21:20 - 00000000 ____D C:\Users\Kornelia\Desktop\Rekla Herd 2017-01-12 23:57 - 2017-01-12 23:58 - 00000000 ____D C:\Users\Kornelia\Desktop\SCHULE 2017-01-11 13:22 - 2017-01-05 18:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-01-11 13:22 - 2017-01-05 18:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-01-11 13:22 - 2017-01-05 18:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-01-11 13:22 
- 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-01-11 13:22 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-01-11 13:22 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-01-11 13:22 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-01-11 13:22 - 2017-01-05 18:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-01-11 13:22 - 2017-01-05 18:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-01-11 13:22 - 2017-01-05 18:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-01-11 13:22 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-01-11 13:22 - 2017-01-05 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-01-11 13:22 - 2017-01-05 18:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-01-10 16:32 - 2017-01-25 00:18 - 00040346 _____ C:\Users\Kornelia\Desktop\Dateiliste.xlsx 2017-01-08 21:33 - 2017-01-08 21:33 - 00000000 ____D C:\Users\Kornelia\AppData\Local\CEF 2017-01-07 22:31 - 2017-01-07 22:31 - 00002075 _____ C:\Users\Kornelia\Desktop\JDownloader 2.lnk 2017-01-07 22:31 - 2017-01-07 22:31 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2017-01-07 22:27 - 2017-01-27 15:13 - 00000000 ____D C:\Users\Kornelia\AppData\Local\JDownloader 2.0 2017-01-07 22:23 - 2017-01-07 22:23 - 00076504 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\WebInstaller.exe 2017-01-07 19:32 - 2017-01-30 18:16 - 00000000 ____D C:\Users\Kornelia\AppData\LocalLow\Mozilla 2017-01-07 19:20 - 2017-01-07 19:20 - 00243720 _____ C:\Users\Kornelia\Downloads\Firefox Setup Stub 50.1.0.exe 2017-01-07 17:29 - 2017-01-24 23:13 - 00000000 ____D 
C:\Users\Kornelia\Downloads\Downloader 2017-01-07 17:21 - 2017-01-07 17:23 - 26539720 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\JDownloaderSetup.exe 2017-01-07 16:50 - 2017-01-07 16:50 - 00000000 ____D C:\Users\Kornelia\Downloads\Info ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-30 21:04 - 2015-09-16 17:12 - 00000000 ____D C:\Users\Kornelia\Desktop\Neuer Ordner (2) 2017-01-30 20:43 - 2010-03-26 02:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2017-01-30 20:31 - 2013-03-01 15:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-01-30 19:23 - 2013-06-11 21:18 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job 2017-01-30 18:17 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-01-30 18:17 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-01-30 17:45 - 2011-07-05 09:31 - 00000000 ____D C:\Users\Kornelia 2017-01-30 17:45 - 2010-03-25 21:41 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2017-01-30 17:45 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-01-27 22:23 - 2013-06-11 21:18 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job 2017-01-27 15:43 - 2016-03-27 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-01-27 15:43 - 2012-04-30 09:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-01-27 15:40 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft 2017-01-27 15:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing 2017-01-27 15:13 - 2011-11-01 11:13 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Vidalia 
2017-01-27 15:13 - 2011-07-05 10:25 - 00000000 ____D C:\Windows\Panther 2017-01-27 15:13 - 2011-04-13 13:21 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\skypePM 2017-01-27 15:12 - 2010-10-31 18:18 - 00000000 ___RD C:\Users\Kornelia\Desktop\Tabea Spiele 2017-01-27 15:12 - 2007-10-12 08:47 - 00000000 ____D C:\Program Files\DivX 2017-01-27 14:43 - 2011-07-05 10:27 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-27 14:43 - 2009-07-14 09:47 - 00702942 _____ C:\Windows\system32\perfh007.dat 2017-01-27 14:43 - 2009-07-14 09:47 - 00150582 _____ C:\Windows\system32\perfc007.dat 2017-01-27 14:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2017-01-27 00:05 - 2010-12-16 14:57 - 00000000 ____D C:\Program Files\GMX 2017-01-26 23:52 - 2011-09-30 10:13 - 00000000 ____D C:\Users\Public\Documents\Tivola_prefs 2017-01-26 23:52 - 2011-02-23 18:14 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Amazon 2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon 2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\Program Files\Amazon 2017-01-26 23:52 - 2010-03-10 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola 2017-01-26 23:48 - 2011-03-09 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2017-01-26 23:48 - 2011-03-09 20:41 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\DVDVideoSoft 2017-01-26 23:48 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\DVDVideoSoft 2017-01-26 23:43 - 2016-10-23 15:39 - 00150152 _____ C:\Windows\ntbtlog.txt 2017-01-26 17:26 - 2016-10-24 10:00 - 00120432 _____ C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT 2017-01-26 16:28 - 2016-10-21 23:01 - 00428280 _____ C:\Windows\system32\FNTCACHE.DAT 2017-01-26 13:57 - 2016-10-21 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-01-26 13:57 - 2012-12-22 20:23 - 00000000 ____D C:\Program Files\Avira 2017-01-26 
13:57 - 2012-05-20 11:07 - 00000000 ____D C:\ProgramData\Avira 2017-01-26 13:52 - 2015-11-28 11:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-26 13:30 - 2011-04-05 15:08 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2017-01-25 13:21 - 2012-02-26 18:45 - 00000000 ____D C:\Users\Kornelia\Downloads\Heidi 2017-01-24 23:47 - 2011-04-05 14:45 - 00000000 ____D C:\ProgramData\Norton 2017-01-23 15:51 - 2012-01-17 15:04 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Microsoft Help 2017-01-23 12:32 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2017-01-22 00:11 - 2016-08-14 14:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-19 21:19 - 2010-04-01 21:23 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\COREL 2017-01-19 21:13 - 2010-04-29 21:48 - 00000000 ____D C:\Users\Kornelia\Documents\My PSP Files 2017-01-19 21:13 - 2010-04-22 22:31 - 00001786 ___SH C:\Windows\system32\KGyGaAvL.sys 2017-01-11 23:30 - 2013-09-01 10:47 - 00000000 ____D C:\Windows\system32\MRT 2017-01-11 23:19 - 2011-08-09 13:50 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-10 19:31 - 2012-05-27 00:08 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-01-10 19:31 - 2011-09-06 09:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-01-10 19:31 - 2010-03-13 11:32 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-08 21:33 - 2010-03-12 09:41 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Adobe 2017-01-07 19:31 - 2011-10-05 01:27 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-01-07 19:31 - 2010-03-06 17:48 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab 2010-06-02 
05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab 
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program 
Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () 
C:\Program Files\DXSETUP.exe 2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program 
Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 05:22 - 2010-06-02 
05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 
05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program 
Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2010-10-22 14:05 - 2010-10-22 14:46 - 0000388 _____ () C:\Users\Kornelia\AppData\Roaming\burnaware.ini
2013-12-18 23:02 - 2013-12-19 00:05 - 0000679 _____ () C:\Users\Kornelia\AppData\Local\cookies.ini
2011-08-17 17:39 - 2015-07-28 17:08 - 0008192 _____ () C:\Users\Kornelia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-26 18:23 - 2011-07-26 18:23 - 0000000 _____ () C:\Users\Kornelia\AppData\Local\{38D64D27-A406-4959-8E9F-79A45D04043C}

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2011-07-05 09:26

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 29-01-2017
durchgeführt von Kornelia (30-01-2017 21:08:48)
Gestartet von C:\Users\Kornelia\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-05 09:33:53)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1736235967-2657770174-236075978-500 - Administrator - Disabled)
Gast (S-1-5-21-1736235967-2657770174-236075978-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1736235967-2657770174-236075978-1005 - Limited - Enabled)
Konni (S-1-5-21-1736235967-2657770174-236075978-1003 - Administrator - Enabled)
Kornelia (S-1-5-21-1736235967-2657770174-236075978-1001 - Administrator - Enabled) => C:\Users\Kornelia
Tabea (S-1-5-21-1736235967-2657770174-236075978-1002 - Limited - Enabled) => C:\Users\Tabea

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Aladins Wunderlampe (HKLM\...\Aladins Wunderlampe_is1) (Version: - ) Alamandi (HKLM\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH) Amazon Music (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Annabel (HKLM\...\Annabel) (Version: 1.0.0.0 - INTENIUM GmbH) ATI Catalyst Install Manager (HKLM\...\{CC516453-9703-ABF9-201F-58A5EC567292}) (Version: 3.0.642.0 - ATI Technologies, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.4.3.30556 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 3.1.1.4250 - Avira Operations GmbH & Co. 
KG) Azada ™: Ancient Magic (HKLM\...\BFG-Azada - Ancient Magic) (Version: - ) Azada: In Libro (HKLM\...\BFG-Azada - In Libro) (Version: - ) Azteca (HKLM\...\Azteca) (Version: 1.0.0.0 - INTENIUM GmbH) Beetle Ju 2 (HKLM\...\Beetle Ju 2) (Version: 1.0.0.0 - INTENIUM GmbH) Bengal (HKLM\...\Bengal) (Version: 1.0.1.0 - INTENIUM GmbH) Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 2.0.0.28 - ) Botanica - Reise ins Unbekannte (HKLM\...\BFG-Botanica - Reise ins Unbekannte) (Version: - ) calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal) ccc-core-static (Version: 2007.0821.2146.36991 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Chinese Checkers (HKLM\...\40-com.novelgames.flashgames.checkers) (Version: 1.8.0 - Novel Games Limited) Chinese Checkers (Version: 1.8.0 - Novel Games Limited) Hidden Corel Paint Shop Pro Photo XI (HKLM\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.20.0000 - Corel Corporation) Corel Snapfire DVD Maker (HKLM\...\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}) (Version: 1.20.0000 - Corel Corporation) Corel Snapfire Plus (HKLM\...\{7ADE3A47-B425-45E9-8FF6-11BE2B775645}) (Version: 1.201.0000 - Corel Corporation) CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.) 
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Da Vincis Perlen Puzzle (HKLM\...\Da Vincis Perlen Puzzle) (Version: - ) Das Reich des Drachen (HKLM\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH) Das Vermächtnis - Der Baum des Lebens (1.00) (HKLM\...\Das Vermächtnis - Der Baum des Lebens_is1) (Version: - City Interactive) Der Perfekte Weihnachtsbaum (HKLM\...\Der Perfekte Weihnachtsbaum) (Version: 1.0.0.0 - INTENIUM GmbH) DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH) Diamantenfee 2 (HKLM\...\Diamantenfee 2) (Version: 1.0.0.0 - INTENIUM GmbH) Diamond Drop 2 (HKLM\...\Diamond Drop 2) (Version: 1.0.0.0 - INTENIUM GmbH) DIE GEHEIMNISSE DER SPIDERWICKS (HKLM\...\{DFA723CE-22B4-4E6B-92CF-176256ECF2DE}) (Version: 1.00.0000 - Sierra Entertainment) Die Kluge Eule (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Die Kluge Eule) (Version: - ) Die Wiege Olympias 2 (HKLM\...\Die Wiege Olympias 2) (Version: 1.0.0.0 - INTENIUM GmbH) DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC) Drawn: ® Flucht aus der Dunkelheit (HKLM\...\BFG-Drawn - Flucht aus der Dunkelheit) (Version: - ) Drawn: Der Turm ™ (HKLM\...\BFG-Drawn - Der Turm) (Version: - ) Dream Chronicles (HKLM\...\Dream Chronicles) (Version: - PlayFirst, Inc.) Dream Chronicles ™ 2: The Eternal Maze (HKLM\...\BFG-Dream Chronicles 2 - The Eternal Maze) (Version: - ) DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version: - ) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) 
Emil und Pauline Auf dem Land (remove only) (HKLM\...\Emil und Pauline Auf dem Land) (Version: - ) Emil und Pauline In der Stadt (remove only) (HKLM\...\Emil und Pauline In der Stadt) (Version: - ) Enigmatis - Vermisst in Maple Creek (HKLM\...\Enigmatis - Vermisst in Maple Creek_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Ewige Reise - Das neue Atlantis (HKLM\...\Ewige Reise - Das neue Atlantis) (Version: - ) Fabled Legends: Die Ruckkehr des Rattenfangers (HKLM\...\BFG-Fabled Legends - Die Rueckkehr des Rattenfaengers) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FarmFrenzy (HKLM\...\FarmFrenzy) (Version: - ) Finstere Liebschaft - Immortal Lovers (HKLM\...\Finstere Liebschaft - Immortal Lovers) (Version: - ) foobar2000 v1.0.3 (HKLM\...\foobar2000) (Version: 1.0.3 - Peter Pawlowski) Forest Legends - Der Ruf der Liebe (HKLM\...\Forest Legends - Der Ruf der Liebe) (Version: - ) FormatFactory 3.5.0.0 (HKLM\...\FormatFactory) (Version: 3.5.0.0 - Format Factory) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.0.320 - DVDVideoSoft Ltd.) Galileo Family Quiz - Spezial II (HKLM\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia) Geheimakte 2 - Puritas Cordis (HKLM\...\{BE7347AD-2D93-4A74-8DBF-C1B073DAE509}) (Version: 1.00.0000 - Deep Silver) Geheime Fälle: Die gestohlene Venus (HKLM\...\Geheime Fälle: Die gestohlene Venus) (Version: 1.0.0.0 - INTENIUM GmbH) Geheimnis von Montezuma 2 (HKLM\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH) GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG) GMX SMS-Manager (Version: 2.7.2 - 1 und 1 Internet AG) Hidden Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) 
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Gravely Silent: Haus des Schreckens (HKLM\...\BFG-Gravely Silent - Haus des Schreckens) (Version: - ) Haunted Manor: Der Herr der Spiegel (HKLM\...\BFG-Haunted Manor - Der Herr der Spiegel) (Version: - ) Hauppauge MCE XP/Vista Software Encoder (2.0.25102) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25102 - Hauppauge Computer Works, Inc.) Heroes of Hellas (HKLM\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills) Hexentanz und Firlefanz (HKLM\...\Hexentanz und Firlefanz) (Version: - ) Hidden Expedition ® : Bermudadreieck (HKLM\...\BFG-Hidden Expedition - Bermudadreieck) (Version: - ) Hidden Mysteries Salem Secrets (HKLM\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - astrogon Software) Hidden Mysteries Vampire Secrets (HKLM\...\Hidden Mysteries Vampire Secrets) (Version: 1.0 - astragon Software) Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JetBee FREE 5.1.2 (build 456) (HKLM\...\JetBee_is1) (Version: - ) Jewel Puzzle (HKLM\...\Jewel Puzzle) (Version: 1.0.0.0 - INTENIUM GmbH) Kleiner Eisbär 2 (HKLM\...\Kleiner Eisbär 2) (Version: - ) Kuros (HKLM\...\Kuros) (Version: 1.0.0.0 - INTENIUM GmbH) Lauras Stern (HKLM\...\Lauras Stern) (Version: - ) Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service) LightScribe System Software 1.17.90.1 (HKLM\...\{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}) (Version: 1.17.90.1 - LightScribe) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) 
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Manic Digger (HKLM\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Midnight Mysteries Salem Witch Trials (HKLM\...\Midnight Mysteries Salem Witch Trials) (Version: 1.1.0.0 - MumboJumbo)
Mozilla Firefox 51.0.1 (x86 de) (HKLM\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files®: Dire Grove™ (HKLM\...\BFG-Mystery Case Files - Dire Grove) (Version: - )
Mystery Case Files: Madame Fate ® (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version: - )
Mystery Case Files: Rückkehr nach Ravenhearst Handbuch ™ (HKLM\...\BFG-Mystery Case Files - Rueckkehr nach Ravenhearst Handbuch) (Version: - )
Mystery Case Files: Rückkehr nach Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Rueckkehr nach Ravenhearst) (Version: - )
Mystery Case Files: Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Ravenhearst) (Version: - )
Mystery of Cleopatra (HKLM\...\Mystery of Cleopatra 1.0) (Version: 1.0 - Rondo Media)
Mystery Places - Das Geheimnis der Geistervilla (HKLM\...\Mystery Places - Das Geheimnis der Geistervilla_is1) (Version: - )
Mystery Tales - Insel der Träume (HKLM\...\{2C0AC9A4-3FA8-4B71-848E-9BB9D492BC2E}_is1) (Version: - cerasus.media GmbH)
Mystery Trackers: Raincliff (HKLM\...\BFG-Mystery Trackers - Raincliff) (Version: - )
Natalie Brooks (HKLM\...\Natalie Brooks) (Version: - )
Nero 7 Essentials (HKLM\...\{0DE739CA-9487-4E3E-8511-92EAF01F1031}) (Version: 7.03.0274 - Nero AG)
Nightfall Mysteries - Die Ashburg Verschwörung (HKLM\...\Nightfall Mysteries - Die Ashburg Verschwörung_is1) (Version: - rondomedia)
Pahelika: Secret Legends (HKLM\...\Pahelika: Secret Legends) (Version: - The Games Company Worldwide GmbH)
Paragon Hard Disk Manager 2008 Professional (HKLM\...\{E9E4BB29-FA98-401B-9EDE-9906906E33DE}) (Version: - Paragon Software Group)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polipo 1.0.4.1 (HKLM\...\Polipo) (Version: - )
Prinzessin Isabella (HKLM\...\Prinzessin Isabella) (Version: 1.0.0.0 - INTENIUM GmbH)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProtectDisc Helper Driver 10 (HKLM\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - )
Radiotracker (HKLM\...\{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}) (Version: 6.2.13700.0 - RapidSolution Software AG)
ratDVD 0.78.1444 (HKLM\...\ratDVD) (Version: 0.78.1444 - ratDVD)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - )
RealDownloader (Version: 18.1.2.176 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rooms - Die Villa 1.0d (HKLM\...\Rooms - Die Villa) (Version: 1.0d - Halycon Media)
Samantha Swift and the Mystery From Atlantis (HKLM\...\Samantha Swift and the Mystery From Atlantis) (Version: 1.1.0.0 - MumboJumbo)
Sandra Fleming Chronicles – Crystal Skulls (HKLM\...\Sandra Fleming Chronicles – Crystal Skulls) (Version: 1.0.0.0 - INTENIUM GmbH)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Simajo (HKLM\...\Simajo) (Version: - )
Skins (Version: 2007.0821.2146.36991 - ATI) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.188 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Spirits of Mystery: Dunkler Fluch (HKLM\...\BFG-Spirits of Mystery - Dunkler Fluch) (Version: - )
Spur der Träume (HKLM\...\Spur der Träume) (Version: 1.0.0.0 - INTENIUM GmbH)
Sweet Home 3D version 3.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Enchanted Kingdom: Elisa’s Adventure (HKLM\...\The Enchanted Kingdom: Elisa’s Adventure) (Version: 1.0.0.0 - INTENIUM GmbH)
The Fall Trilogy (HKLM\...\The Fall Trilogy_is1) (Version: - Morphicon)
The Fall Trilogy Chapter 2 (HKLM\...\The Fall Trilogy Chapter 2_is1) (Version: - Morphicon)
The Night of the Rabbit (HKLM\...\The Night of the Rabbit) (Version: 1.0 - Daedalic Entertainment)
The Sultans Labyrinth: Das Opfer des Königs (HKLM\...\BFG-The Sultans Labyrinth - Das Opfer des Koenigs) (Version: - ) <==== ACHTUNG
Tor 0.2.2.35 (HKLM\...\Tor) (Version: - )
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trödelschätze (HKLM\...\{AC368309-A247-42C0-9AAF-ABB2E067B79C}) (Version: 1.00.0000 - Valusoft)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden
Turtix (HKLM\...\Turtix) (Version: - )
Turtix 2 (HKLM\...\Turtix 2) (Version: - )
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vernaeht und zugeflixt! Was stimmt denn hier nicht? (HKLM\...\Vernaeht und zugeflixt! Was stimmt denn hier nicht?) (Version: - )
Vidalia 0.2.15 (HKLM\...\Vidalia) (Version: - )
Video Downloader (Version: 1.2.0 - RealNetworks) Hidden
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.6.4 - Shark007)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech)
Wieso? Weshalb? Warum? - Unser Körper (HKLM\...\com.rd.www.desktop.DesktopBody) (Version: 1.0.0 - Ravensburger Digital GmbH)
Wieso? Weshalb? Warum? - Unser Körper (Version: 1.0.0 - Ravensburger Digital GmbH) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WordPerfect Office X3 (HKLM\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation)
WordPerfect Office X3 (Version: 13.3 - Corel Corporation) Hidden
World Voyage (HKLM\...\World Voyage) (Version: 1.0.0.0 - INTENIUM GmbH)
XMedia Recode 2.3.0.4 (HKLM\...\XMedia Recode) (Version: 2.3.0.4 - Sebastian Dörfler)
XMind 2013 (v3.4.1) (HKLM\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
Zuma's Revenge! (HKLM\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> kein Dateipfad

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032A98DE-A547-4FB1-97B4-777E85FCE80F} - System32\Tasks\{51ECF608-A47D-464B-892E-9A3067C4CA0E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {04338029-ABEF-4DB2-A56D-FF0641970A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.)
Task: {08FA19ED-87A2-4BE4-B4F6-1170192766D0} - System32\Tasks\{1D76B916-65CA-47A7-9DD1-C614C8F74E56} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {0922A476-D472-4C6B-AF0D-283C447FF4F0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {248BA49A-31FC-4CBC-AC12-0AD50B3730CD} - System32\Tasks\{2D2CF1E0-A39F-4435-B084-62C323AD4F56} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] ()
Task: {262EF14E-2D04-4238-8DD2-2B9AFBBAEC1F} - System32\Tasks\{D62DA859-B3A5-4A8C-8643-BC908C434082} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {2B93871E-90A6-4BD6-B5B2-2B2CCE5A5740} - System32\Tasks\{C791566E-54A6-4DAF-8C0F-0153AA08A504} => pcalua.exe -a D:\Software\Nero\setupx.exe -d D:\Software\Nero
Task: {2D4FEC81-5640-445A-97C1-A780D1FD2CD8} - System32\Tasks\{3D22388D-753E-494E-8F61-D351F8E67C68} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {34B169BF-29C1-4D9E-ABAD-DD33D6A48488} - System32\Tasks\{AA3E9FEA-EE1C-4BD0-A6EE-0AB550AE278F} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {3C30CE7A-A21F-4478-8DFD-AB4484B05538} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {3F4F5314-363F-4D5F-AD46-3C6D3EAA7DDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {40B72FB4-CFE2-4347-A69C-6AA6A1291F0F} - System32\Tasks\{CC841AF3-7C05-4252-BDD9-2A3892CD4929} => Firefox.exe
Task: {474C30BF-0A7E-4DC2-9E6B-369B154E8229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {49897270-27FE-4B7E-A4F9-1B4F8AE27E3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {49E28B95-9408-4715-97DA-1AB7339805C6} - System32\Tasks\{EA4F2F72-7C23-4AB9-8184-245B49DE749F} => C:\Program Files\DEUTSCHLAND SPIELT\BeetleJu2 VollVersion\BeetleJu2_og.exe [2010-11-23] (INTENIUM GmbH)
Task: {4C08C992-D45F-4D07-9702-9FF2FB1E7DA0} - System32\Tasks\{7D0AE273-2305-48F1-AF5C-46BFD622F47E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {4E016ADD-5044-4D20-841E-C43FFE2861BD} - System32\Tasks\{F4A27F14-3152-470D-9565-039442275C50} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {4EC8D6F7-19A4-43EB-A744-BF2A0A15F56E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {50748F55-16EA-4C55-8547-7EC1D0947037} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5AC92F98-B42E-4F21-9AA0-01AD0439642E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {5B3F853B-FE70-4847-8631-186551D7012C} - System32\Tasks\{07CBC734-EBA5-454A-913B-EC737132222F} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {66D53617-940A-4E05-871F-28B9007E2CC3} - System32\Tasks\{9BFE3ECE-693E-45CE-A00E-7DC315188CEC} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {6B725544-E42B-4580-B4AE-E272703AF399} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {6C42F0C8-5E73-4DE6-A971-9CE99159C71D} - System32\Tasks\{71507EB2-BF35-48B0-8135-FCBC7D54BAEC} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {77D92D5C-1736-4593-BC70-36551C747A1A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {78201B2F-5E80-4168-B233-7212E7A89D0D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.)
Task: {7DD6E2A0-C6F1-4EFD-92B0-4A0D547C24C5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {893B18BE-C091-4B27-9D76-82F0BCA99813} - System32\Tasks\{84074564-9C97-48A0-BBB3-89DAB27B7C9B} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {9240E8E9-1D41-40BA-B4DE-32542C7145DB} - System32\Tasks\{97E672C4-E6D1-4ED6-99D8-B122A1F86FC0} => pcalua.exe -a D:\DVPP\Setup.exe -d D:\DVPP
Task: {979D3F17-6619-45C5-B404-606838B44253} - System32\Tasks\{E4546B87-1D17-4B95-A0A5-37522F5D05EF} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {9C2F05E8-F861-43CF-987B-095EF430F405} - System32\Tasks\{F3AEE607-769D-4C8B-824B-88BEB035F102} => pcalua.exe -a C:\Spiele\Lillifee\setup.exe -d D:
Task: {B0993B05-978C-4A15-AA87-B18AB9A99EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.)
Task: {B37A6E42-727E-4E31-A77C-04022A464880} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2015-11-04] (RealNetworks, Inc.)
Task: {BFD53BF4-19B8-4502-92DD-7D926FFA8CA6} - System32\Tasks\{EC680A57-E7BC-4A66-8FBB-20A511FDFA89} => pcalua.exe -a D:\bin\EasyInst.exe -d D:\
Task: {C8250CB2-F11F-4A98-95BB-BA5E812E6A7E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {DAAAE172-7743-4C96-B232-DCC0F5FC7607} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {DBF5DE37-8E99-4B07-813D-41126EA90DB3} - System32\Tasks\{81430713-60CA-4B71-8FBB-D14DA0751514} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F0E42A33-0E8E-4BB2-80F9-8418E2340E57} - System32\Tasks\{287D07D5-E1D7-4882-9C98-35680FC50E9A} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] ()
Task: {F20691E7-0B1D-438A-ABD0-2D94FF823CEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {F526EC9D-6127-42C8-A3B4-E081029D3F7D} - System32\Tasks\{3DEE68DB-465B-46BB-87CD-D6BEE805EFD1} => C:\Program Files\Daedalic Entertainment\The Night of the Rabbit\rabbit.exe [2013-04-28] (Daedalic Entertainment GmbH)
Task: {FB0BD155-6754-4ECC-9711-162FE2741D51} - System32\Tasks\Amazon Music Helper => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-12-08] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-17 15:57 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe
2006-11-02 11:40 - 2006-11-02 11:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe
2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll
2017-01-27 13:54 - 2017-01-20 07:47 - 01732896 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-27 13:55 - 2017-01-20 07:47 - 02097616 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-01-27 13:55 - 2017-01-20 07:47 - 01719760 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2010-06-09 18:10 - 2009-10-23 18:34 - 00827904 _____ () C:\Program Files\dvd43\DVD43_Tray.exe
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-06-24 09:54 - 2013-06-20 08:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2016-07-05 17:18 - 2016-07-05 17:18 - 00714992 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2016-07-05 17:13 - 2016-07-05 17:13 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-11-28 11:37 - 2015-11-28 11:37 - 00653608 _____ () c:\program files\real\realplayer\RPDS\Lib\r1api.dll
2016-07-05 17:18 - 2016-07-05 17:18 - 00077552 _____ () C:\Program Files\RealNetworks\RealDownloader\dtvhooks.dll
2015-11-28 11:37 - 2015-11-28 11:37 - 00022312 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-11-28 11:37 - 2015-11-28 11:37 - 01520936 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2015-11-28 11:37 - 2015-11-28 11:37 - 04274984 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2015-11-28 11:37 - 2015-11-28 11:37 - 00322856 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2015-10-02 18:33 - 2012-10-25 15:19 - 00846848 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
2015-10-02 18:33 - 2012-10-25 15:19 - 01401344 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
2015-10-02 18:33 - 2012-12-04 15:22 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
2015-10-02 18:33 - 2012-10-25 15:19 - 00293376 _____ () C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:24FECE50 [398]
AlternateDataStreams: C:\ProgramData\TEMP:260575F1 [422]
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4 [368]
AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6 [183]
AlternateDataStreams: C:\ProgramData\TEMP:574F975B [184]
AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675 [171]
AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C [128]
AlternateDataStreams: C:\ProgramData\TEMP:A4AF8D0D [169]
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100]
AlternateDataStreams: C:\ProgramData\TEMP:B139DDF3 [173]
AlternateDataStreams: C:\ProgramData\TEMP:B8791731 [170]
AlternateDataStreams: C:\ProgramData\TEMP:BEE39E9B [190]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E51234A9 [154]
AlternateDataStreams: C:\ProgramData\TEMP:FAB64002 [164]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.exe: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.scr: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.bat: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.com: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.cmd: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.reg: => <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.exe - Verknüpfung.lnk => C:\Windows\pss\AOButler.exe - Verknüpfung.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Kornelia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AOButler.lnk => C:\Windows\pss\AOButler.lnk.Startup MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{771781D7-42F2-4719-BCFC-468823CD634A}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F8F60273-BD4C-4058-B246-6F633BD6A891}] => LPort=1900 FirewallRules: [{20D276B1-3C90-4929-8A32-E4ACCBECC2C8}] => LPort=2869 FirewallRules: [{3355F104-DC9F-42F3-8E9D-3BF5DBF8FEB3}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0BEA84F4-2656-475A-AE06-59E81719D75F}] => svchost.exe FirewallRules: [{2BFBBFCF-8C85-480D-A055-0DB5677BDCDE}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{5B4D0C77-79AF-4923-BDC1-B51891E48444}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [UDP Query User{BC460BB0-BD68-48F3-BEB2-47578A7623D9}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{2339DF44-A7DD-4E22-A32A-32DCC95DC337}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{A59E1834-01D3-478B-90C5-6E1D4924AFDB}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{AEB0C184-B9E4-434C-B087-A14CA1DF867B}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{08572AF5-8353-4B61-B8C0-24C618870A9E}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{670FA4AF-6DA8-487A-91EE-B07143EB2170}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8BD40ABE-22B5-4230-B66B-47D3BD3D0390}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{55D99CB2-C725-42FC-847A-5909C961EAE8}] => C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{85FDB52D-7A01-43A8-9009-6A168010138A}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{8758F947-09B2-41DF-88EC-579BC9CA03E7}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{459568E9-83FC-4C8A-9663-91C2C9B6026F}] => C:\Program 
Files\Mozilla Firefox\firefox.exe FirewallRules: [{92605963-E425-410C-BB6E-8F4EDEA0C349}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D48E3507-9052-45D0-9E44-24AC955777AA}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4ED3AA0F-7E02-449A-BAA4-34B72C42BF3C}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{A8E2B43C-F558-48C1-A629-118843C42FE8}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [{84839E9D-9BF0-4CCD-A922-70507EA96606}] => c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{175EF583-D4BB-4455-BF80-3778A39EAEAC}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{189936DE-97ED-4FCF-AFD9-FA1ABFB6C531}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D0577CA9-F454-408A-ACDF-7F280302E7BD}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{95DF96B5-51A5-4BAD-8FE7-4BC3CF9AF3DF}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D81DFAC4-5EE4-4BF8-A94D-84503C9C6E7F}] => C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{88496792-6A83-4826-9392-C3A2DBF731BE}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{08F10482-4231-4238-9029-5220201C0B87}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{3199F9F6-FD40-4F4E-B578-F886A82D57DA}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe FirewallRules: [UDP Query User{AE639368-64F0-4A58-B6CA-0EE42A599710}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => 
C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe ==================== Wiederherstellungspunkte ========================= 24-01-2017 15:04:25 Windows Update 27-01-2017 15:11:14 Avira System Speedup Optimierung 27-01-2017 16:04:18 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: atksgt Description: atksgt Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: atksgt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: sptd Description: sptd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sptd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/30/2017 07:02:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x1d50 Startzeit der fehlerhaften Anwendung: 0x01d27b220a87b452 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: 4a87d4f7-e716-11e6-98c3-001d607b2853 Error: (01/30/2017 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x19bc Startzeit der fehlerhaften Anwendung: 0x01d27b20a1bec3b8 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: 3181c03b-e715-11e6-98c3-001d607b2853 Error: (01/30/2017 06:44:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x6b8 Startzeit der fehlerhaften Anwendung: 0x01d27b18b440fab7 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: c32495fe-e713-11e6-98c3-001d607b2853 
Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/29/2017 02:50:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x15a4 Startzeit der fehlerhaften Anwendung: 0x01d27a35cd75a541 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: e30ce1ad-e629-11e6-aa4c-001d607b2853 Error: (01/29/2017 02:43:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x1368 Startzeit der fehlerhaften Anwendung: 0x01d27a34d2826c97 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: f5cc0ce1-e628-11e6-aa4c-001d607b2853 Error: (01/29/2017 02:36:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7 Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef Ausnahmecode: 0xc0000005 
Fehleroffset: 0x002f2a13 ID des fehlerhaften Prozesses: 0x15c8 Startzeit der fehlerhaften Anwendung: 0x01d27a3288bbadc4 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll Berichtskennung: f726ff1b-e627-11e6-aa4c-001d607b2853 Systemfehler: ============= Error: (01/30/2017 07:02:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (01/30/2017 06:55:33 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. Error: (01/30/2017 06:55:33 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. Error: (01/30/2017 06:55:33 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. Error: (01/30/2017 06:55:33 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" 
nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. Error: (01/30/2017 06:54:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/30/2017 06:45:29 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. Error: (01/30/2017 06:45:29 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. Error: (01/30/2017 06:45:29 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: ) Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut. Error: (01/30/2017 06:45:29 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: ) Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. 
Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut. ==================== Memory info =========================== Processor: AMD Athlon(tm) X2 Dual Core Processor BE-2300 Prozentuale Nutzung des RAM: 80% Installierter physikalischer RAM: 1918.49 MB Verfügbarer physikalischer RAM: 380.04 MB Summe virtueller Speicher: 3836.98 MB Verfügbarer virtueller Speicher: 1602.27 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:242.77 GB) (Free:93.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive e: () (Fixed) (Total:207.36 GB) (Free:35.49 GB) NTFS Drive g: (Black) (Fixed) (Total:465.76 GB) (Free:413.34 GB) NTFS Drive i: (EXTERN 2 -Spiegel-) (Fixed) (Total:242.77 GB) (Free:143.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive m: (EXTERN 1 -DATEN-) (Fixed) (Total:1255.2 GB) (Free:437.65 GB) NTFS Drive n: (EXTERN 3) (Fixed) (Total:100 GB) (Free:99.87 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C76EBDA3) Partition 1: (Active) - (Size=242.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=15.6 GB) - (Type=27) Partition 3: (Not Active) - (Size=207.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C921633) Partition 1: (Not Active) - (Size=1255.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=507.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 256E7802) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
30.01.2017, 21:21 | #13 |
/// TB-Ausbilder | Windows 7: OpenCandy.Gen detections in safe mode
Hi, let's take another quick look to see whether AdwCleaner and MBAM still find anything:
Step 1 Please download AdwCleaner to your desktop.
Step 2
Step 3 Please close your security software to avoid possible conflicts.
Step 4
With your next reply, please post
|
31.01.2017, 11:00 | #14 |
| Windows 7: OpenCandy.Gen detections in safe mode
Code:
# AdwCleaner v6.043 - Bericht erstellt am 31/01/2017 um 09:34:02
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-01-30.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X86)
# Benutzername : Kornelia - KORNELIA-PC
# Gestartet von : C:\Users\Kornelia\Desktop\adwcleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [12222 Bytes] - [27/01/2017 15:41:46]
C:\AdwCleaner\AdwCleaner[C2].txt - [1063 Bytes] - [31/01/2017 09:34:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [14900 Bytes] - [27/01/2017 15:37:33]
C:\AdwCleaner\AdwCleaner[S1].txt - [1517 Bytes] - [31/01/2017 09:32:45]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1283 Bytes] ##########
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 31.01.17
Scan-Zeit: 09:47
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1141
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Kornelia-PC\Kornelia

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 378806
Abgelaufene Zeit: 20 Min., 58 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)

(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x86
Ran by Kornelia (Administrator) on 31.01.2017 at 10:18:26,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 8
Successfully deleted: C:\Users\Kornelia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BS8D21F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kornelia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\846V9UK5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kornelia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LA36Y56O (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kornelia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFJ0IE28 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BS8D21F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\846V9UK5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LA36Y56O (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFJ0IE28 (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2017 at 10:22:55,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017 durchgeführt von Kornelia (Administrator) auf KORNELIA-PC (31-01-2017 10:24:25) Gestartet von C:\Users\Kornelia\Desktop Geladene Profile: Kornelia & (Verfügbare Profile: Kornelia & Tabea) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe () C:\Windows\System32\PSIService.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe (mobile concepts GmbH) C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-01] (Realtek Semiconductor) HKLM\...\Run: [dvd43] => C:\Program Files\dvd43\dvd43_tray.exe [827904 2009-10-23] () HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] () HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [286992 2015-11-28] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] () HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [917576 2016-12-16] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Avira System Speedup Tray] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. 
KG) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ACHTUNG HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ACHTUNG HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ACHTUNG HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Alamandi tray notifier] => C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe [394992 2012-07-10] (Intenium) HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Facebook Update] => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-11] (Facebook Inc.) 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Amazon Music] => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony) HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {dd31715e-6298-11df-b571-001d607b2853} - F:\LaunchU3.exe -a HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\MountPoints2: {fdc8adba-0935-11e2-a19e-001d607b2853} - G:\DPFMate.exe HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [Alamandi tray notifier] => C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe [394992 2012-07-10] (Intenium) HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [Facebook Update] => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-11] (Facebook Inc.) 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [Amazon Music] => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony) HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\MountPoints2: {dd31715e-6298-11df-b571-001d607b2853} - F:\LaunchU3.exe -a HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\MountPoints2: {fdc8adba-0935-11e2-a19e-001d607b2853} - G:\DPFMate.exe HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961\...\MountPoints2: {663fc844-a6e0-11e0-b32f-806e6f6e6963} - D:\Autorun.exe 
HKU\S-1-5-21-1736235967-2657770174-236075978-1003.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093822329\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1736235967-2657770174-236075978-1003.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093822329\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AOButler.exe - Verknüpfung.lnk [2012-05-05] ShortcutTarget: AOButler.exe - Verknüpfung.lnk -> C:\Program Files\ArcorOnline\AOButler.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2013-01-10] ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-02-09] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-11-28] ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-10-02] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () Startup: C:\Users\Konni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-31] ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. 
KG) Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOButler.lnk [2012-06-03] ShortcutTarget: AOButler.lnk -> C:\Program Files\ArcorOnline\AOButler.exe (Keine Datei) Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-03-04] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-31] ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Tabea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-31] ShortcutTarget: zSpeedup.lnk -> C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{23F9AFAB-2021-4A7D-9477-EBCFE8F59F7E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9AD09A44-51EC-4D6E-9E93-74F49F171E7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
URLSearchHook: HKU\S-1-5-21-1736235967-2657770174-236075978-1001 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei
URLSearchHook: HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-11-04] (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-15] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-15] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961 -> Kein Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - Keine Datei
Toolbar: HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default [2017-01-31]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\20811wxw.default ->
FF Homepage: Mozilla\Firefox\Profiles\20811wxw.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\20811wxw.default -> ist aktiviert.
FF NetworkProxy: Mozilla\Firefox\Profiles\20811wxw.default -> type", 1
FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com [2017-01-26]
FF Extension: (Avira Browser Safety) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\abs@avira.com.xpi [2017-01-08]
FF Extension: (FacebookBlocker) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\facebookBlocker@webgraph.com [2014-02-16] [ist nicht signiert]
FF Extension: (NO Google Analytics) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2016-06-09]
FF Extension: (Official My JDownloader AddOn) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2017-01-07]
FF Extension: (Test Pilot) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\testpilot@labs.mozilla.com.xpi [2016-09-01]
FF Extension: (NoScript) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-01-20]
FF Extension: (Adblock Plus) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-16]
FF Extension: (Torbutton) - C:\Users\Kornelia\AppData\Roaming\Mozilla\Firefox\Profiles\20811wxw.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2012-10-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-07-05] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-27] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-15] (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-11-28] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1736235967-2657770174-236075978-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-27] (RealPlayer Cloud)

Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\pdf.dll => Keine Datei
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default [2017-01-27]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-16]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-16]
CHR Extension: (RealDownloader) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-16]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-07]
CHR Extension: (Kein Name) - C:\Users\Kornelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-15]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1089592 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [476736 2016-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1490296 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliSrvc; C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S2 gupdate1cacc58a1955820; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-02] (Google Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-06] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1095976 2015-11-28] (RealNetworks, Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R2 SpeedupService; C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co. KG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2010-03-10] (Protect Software GmbH) [Datei ist nicht signiert]
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2010-12-28] (Protect Software GmbH)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2010-04-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2016-09-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-09-27] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [30672 2016-12-16] (Avira Operations GmbH & Co. KG)
R3 dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [18816 2010-06-09] (RIF) [Datei ist nicht signiert]
S3 eapihdrv; C:\Users\Kornelia\AppData\Local\Temp\ehdrv.sys [135760 2017-01-27] (ESET)
S3 HCW713x; C:\Windows\System32\DRIVERS\HCW713x.sys [827776 2007-03-26] (Hauppauge Computer Works inc.)
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [39472 2008-02-14] (Paragon Software Group)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2010-04-05] ()
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2007-02-27] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2007-01-28] (Sonic Solutions) [Datei ist nicht signiert]
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-25] (Realtek Semiconductor Corporation )
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-10-22] (Duplex Secure Ltd.)
R2 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [Datei ist nicht signiert]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 10:24 - 2017-01-31 10:25 - 00031949 _____ C:\Users\Kornelia\Desktop\FRST.txt
2017-01-31 10:22 - 2017-01-31 10:22 - 00001881 _____ C:\Users\Kornelia\Desktop\JRT.txt
2017-01-31 10:16 - 2017-01-31 10:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-01-31 10:09 - 2017-01-31 10:09 - 00001255 _____ C:\Users\Kornelia\Desktop\mbam.txt
2017-01-31 09:40 - 2017-01-31 09:40 - 00001365 _____ C:\Users\Kornelia\Desktop\AdwCleaner[C2].txt
2017-01-31 09:22 - 2017-01-31 09:22 - 04015056 _____ C:\Users\Kornelia\Desktop\adwcleaner_6.043.exe
2017-01-29 14:14 - 2017-01-29 14:14 - 00000000 ____D C:\Users\TEMP.Kornelia-PC\AppData\Local\Real
2017-01-29 14:12 - 2017-01-29 14:15 - 00000000 ____D C:\Users\TEMP.Kornelia-PC
2017-01-28 13:24 - 2017-01-28 13:31 - 00219282 _____ C:\TDSSKiller.3.1.0.12_28.01.2017_13.24.30_log.txt
2017-01-28 13:22 - 2017-01-28 13:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Kornelia\Desktop\tdsskiller.exe
2017-01-28 13:03 - 2017-01-30 17:52 - 01762816 _____ (Farbar) C:\Users\Kornelia\Desktop\FRST.exe
2017-01-27 23:56 - 2017-01-31 10:24 - 00000000 ____D C:\FRST
2017-01-27 16:27 - 2017-01-27 16:27 - 02870984 _____ (ESET) C:\Users\Kornelia\Desktop\esetsmartinstaller_deu.exe
2017-01-27 15:58 - 2017-01-27 15:58 - 01663040 _____ (Malwarebytes) C:\Users\Kornelia\Desktop\JRT.exe
2017-01-27 15:27 - 2017-01-31 09:34 - 00000000 ____D C:\AdwCleaner
2017-01-27 14:42 - 2017-01-27 14:42 - 00000000 ____D C:\Users\Kornelia\AppData\Local\AviraSpeedup
2017-01-27 14:35 - 2017-01-27 14:35 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Avira
2017-01-27 13:56 - 2017-01-31 09:39 - 00094656 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-27 13:56 - 2017-01-31 09:39 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-27 13:56 - 2017-01-27 13:56 - 00152512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-27 13:55 - 2017-01-31 09:39 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-27 13:55 - 2017-01-31 09:38 - 00219584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-27 13:55 - 2017-01-27 13:55 - 00002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-27 13:55 - 2017-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-27 13:55 - 2017-01-20 07:47 - 00059976 _____ C:\Windows\system32\Drivers\mbae.sys
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-27 13:54 - 2017-01-27 13:54 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-27 00:03 - 2017-01-27 00:04 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2017-01-26 22:47 - 2017-01-26 22:47 - 00001134 _____ C:\Users\Kornelia\Desktop\Avira Antivirus starten.lnk
2017-01-26 21:06 - 2017-01-26 21:06 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_588a51b66deb0__ws.exe
2017-01-26 19:57 - 2017-01-26 19:57 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Avira
2017-01-26 17:28 - 2017-01-26 17:28 - 00000000 ____D C:\Users\Kornelia\Downloads\Notfall DVD 7.0 Free
2017-01-26 16:35 - 2017-01-26 17:04 - 1276319704 _____ C:\Users\Kornelia\Downloads\Notfall_DVD_7.0_Free.zip
2017-01-26 13:57 - 2017-01-26 13:57 - 00001101 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-26 13:57 - 2017-01-26 13:57 - 00000998 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-26 13:56 - 2017-01-31 09:39 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-26 13:52 - 2017-01-26 13:52 - 00001166 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-26 13:43 - 2017-01-26 13:49 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kornelia\Downloads\avira_de_fass0_5889ec8b9e38c__ws.exe
2017-01-24 23:24 - 2017-01-24 23:24 - 00000936 _____ C:\Users\Kornelia\Desktop\duplicate.txt
2017-01-19 19:22 - 2017-01-19 21:20 - 00000000 ____D C:\Users\Kornelia\Desktop\Rekla Herd
2017-01-12 23:57 - 2017-01-12 23:58 - 00000000 ____D C:\Users\Kornelia\Desktop\SCHULE
2017-01-11 13:22 - 2017-01-05 18:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 13:22 - 2017-01-05 18:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 13:22 - 2017-01-05 18:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 13:22 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 13:22 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 13:22 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 13:22 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 13:22 - 2017-01-05 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 13:22 - 2017-01-05 18:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 16:32 - 2017-01-25 00:18 - 00040346 _____ C:\Users\Kornelia\Desktop\Dateiliste.xlsx
2017-01-08 21:33 - 2017-01-08 21:33 - 00000000 ____D C:\Users\Kornelia\AppData\Local\CEF
2017-01-07 22:31 - 2017-01-07 22:31 - 00002075 _____ C:\Users\Kornelia\Desktop\JDownloader 2.lnk
2017-01-07 22:31 - 2017-01-07 22:31 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-01-07 22:27 - 2017-01-27 15:13 - 00000000 ____D C:\Users\Kornelia\AppData\Local\JDownloader 2.0
2017-01-07 22:23 - 2017-01-07 22:23 - 00076504 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\WebInstaller.exe
2017-01-07 19:32 - 2017-01-31 10:14 - 00000000 ____D C:\Users\Kornelia\AppData\LocalLow\Mozilla
2017-01-07 19:20 - 2017-01-07 19:20 - 00243720 _____ C:\Users\Kornelia\Downloads\Firefox Setup Stub 50.1.0.exe
2017-01-07 17:29 - 2017-01-24 23:13 - 00000000 ____D C:\Users\Kornelia\Downloads\Downloader
2017-01-07 17:21 - 2017-01-07 17:23 - 26539720 _____ (AppWork GmbH) C:\Users\Kornelia\Downloads\JDownloaderSetup.exe
2017-01-07 16:50 - 2017-01-07 16:50 - 00000000 ____D C:\Users\Kornelia\Downloads\Info

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 10:23 - 2013-06-11 21:18 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job
2017-01-31 10:19 - 2010-03-25 21:41 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-01-31 09:52 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 09:52 - 2011-07-05 09:29 - 00021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 09:43 - 2010-03-26 02:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-31 09:37 - 2011-07-05 09:31 - 00000000 ____D C:\Users\Kornelia
2017-01-31 09:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 09:33 - 2011-07-05 10:34 - 00000008 __RSH C:\Users\Kornelia\ntuser.pol
2017-01-31 09:33 - 2011-07-05 10:33 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-01-31 09:31 - 2013-03-01 15:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 09:12 - 2015-09-16 17:12 - 00000000 ____D C:\Users\Kornelia\Desktop\Neuer Ordner (2)
2017-01-31 08:58 - 2013-03-14 15:50 - 00000000 ____D C:\Windows\pss
2017-01-27 22:23 - 2013-06-11 21:18 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job
2017-01-27 15:43 - 2016-03-27 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-27 15:43 - 2012-04-30 09:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-27 15:40 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2017-01-27 15:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2017-01-27 15:13 - 2011-11-01 11:13 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Vidalia
2017-01-27 15:13 - 2011-07-05 10:25 - 00000000 ____D C:\Windows\Panther
2017-01-27 15:13 - 2011-04-13 13:21 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\skypePM
2017-01-27 15:12 - 2010-10-31 18:18 - 00000000 ___RD C:\Users\Kornelia\Desktop\Tabea Spiele
2017-01-27 15:12 - 2007-10-12 08:47 - 00000000 ____D C:\Program Files\DivX
2017-01-27 14:43 - 2011-07-05 10:27 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-27 14:43 - 2009-07-14 09:47 - 00702942 _____ C:\Windows\system32\perfh007.dat
2017-01-27 14:43 - 2009-07-14 09:47 - 00150582 _____ C:\Windows\system32\perfc007.dat
2017-01-27 14:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-01-27 00:05 - 2010-12-16 14:57 - 00000000 ____D C:\Program Files\GMX
2017-01-26 23:52 - 2011-09-30 10:13 - 00000000 ____D C:\Users\Public\Documents\Tivola_prefs
2017-01-26 23:52 - 2011-02-23 18:14 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2017-01-26 23:52 - 2011-02-23 18:11 - 00000000 ____D C:\Program Files\Amazon
2017-01-26 23:52 - 2010-03-10 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola
2017-01-26 23:48 - 2011-03-09 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:41 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\DVDVideoSoft
2017-01-26 23:48 - 2011-03-09 20:40 - 00000000 ____D C:\Program Files\DVDVideoSoft
2017-01-26 23:43 - 2016-10-23 15:39 - 00150152 _____ C:\Windows\ntbtlog.txt
2017-01-26 17:26 - 2016-10-24 10:00 - 00120432 _____ C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-26 16:28 - 2016-10-21 23:01 - 00428280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 13:57 - 2016-10-21 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-26 13:57 - 2012-12-22 20:23 - 00000000 ____D C:\Program Files\Avira
2017-01-26 13:57 - 2012-05-20 11:07 - 00000000 ____D C:\ProgramData\Avira
2017-01-26 13:52 - 2015-11-28 11:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 13:30 - 2011-04-05 15:08 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-01-25 13:21 - 2012-02-26 18:45 - 00000000 ____D C:\Users\Kornelia\Downloads\Heidi
2017-01-24 23:47 - 2011-04-05 14:45 - 00000000 ____D C:\ProgramData\Norton
2017-01-23 15:51 - 2012-01-17 15:04 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Microsoft Help
2017-01-23 12:32 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-22 00:11 - 2016-08-14 14:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 21:19 - 2010-04-01 21:23 - 00000000 ____D C:\Users\Kornelia\AppData\Roaming\COREL
2017-01-19 21:13 - 2010-04-29 21:48 - 00000000 ____D C:\Users\Kornelia\Documents\My PSP Files
2017-01-19 21:13 - 2010-04-22 22:31 - 00001786 ___SH C:\Windows\system32\KGyGaAvL.sys
2017-01-11 23:30 - 2013-09-01 10:47 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 23:19 - 2011-08-09 13:50 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-10 19:31 - 2012-05-27 00:08 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-01-10 19:31 - 2011-09-06 09:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-01-10 19:31 - 2010-03-13 11:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-08 21:33 - 2010-03-12 09:41 - 00000000 ____D C:\Users\Kornelia\AppData\Local\Adobe
2017-01-07 19:31 - 2011-10-05 01:27 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-07 19:31 - 2010-03-06 17:48 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ ()
C:\Program Files\Aug2005_d3dx9_27_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 05:21 - 2010-06-02 
05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab 2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program 
Files\DSETUP.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll 2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe 2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab 2010-06-02 05:22 - 
2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program 
Files\Jun2010_d3dcsx_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 
_____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab 2010-06-02 05:22 - 
2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab 2010-10-22 14:05 - 2010-10-22 14:46 - 0000388 _____ () C:\Users\Kornelia\AppData\Roaming\burnaware.ini 2013-12-18 23:02 - 2013-12-19 00:05 - 0000679 _____ () C:\Users\Kornelia\AppData\Local\cookies.ini 2011-08-17 17:39 - 2015-07-28 17:08 - 0008192 _____ () C:\Users\Kornelia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-07-26 18:23 - 2011-07-26 18:23 - 0000000 _____ () C:\Users\Kornelia\AppData\Local\{38D64D27-A406-4959-8E9F-79A45D04043C} ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2011-07-05 09:26
==================== Ende vom FRST.txt ============================
Edited by Mineko (31.01.2017 at 10:13). Reason: added mbam scan |
31.01.2017, 11:01 | #15 |
| Windows 7: OpenCandy.Gen detections in safe mode
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 29-01-2017 durchgeführt von Kornelia (31-01-2017 10:26:32) Gestartet von C:\Users\Kornelia\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-05 09:33:53) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1736235967-2657770174-236075978-500 - Administrator - Disabled) Gast (S-1-5-21-1736235967-2657770174-236075978-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1736235967-2657770174-236075978-1005 - Limited - Enabled) Konni (S-1-5-21-1736235967-2657770174-236075978-1003 - Administrator - Enabled) Kornelia (S-1-5-21-1736235967-2657770174-236075978-1001 - Administrator - Enabled) => C:\Users\Kornelia Tabea (S-1-5-21-1736235967-2657770174-236075978-1002 - Limited - Enabled) => C:\Users\Tabea ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.) 
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Aladins Wunderlampe (HKLM\...\Aladins Wunderlampe_is1) (Version: - ) Alamandi (HKLM\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH) Amazon Music (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Annabel (HKLM\...\Annabel) (Version: 1.0.0.0 - INTENIUM GmbH) ATI Catalyst Install Manager (HKLM\...\{CC516453-9703-ABF9-201F-58A5EC567292}) (Version: 3.0.642.0 - ATI Technologies, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.4.3.30556 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 3.1.1.4250 - Avira Operations GmbH & Co. 
KG) Azada ™: Ancient Magic (HKLM\...\BFG-Azada - Ancient Magic) (Version: - ) Azada: In Libro (HKLM\...\BFG-Azada - In Libro) (Version: - ) Azteca (HKLM\...\Azteca) (Version: 1.0.0.0 - INTENIUM GmbH) Beetle Ju 2 (HKLM\...\Beetle Ju 2) (Version: 1.0.0.0 - INTENIUM GmbH) Bengal (HKLM\...\Bengal) (Version: 1.0.1.0 - INTENIUM GmbH) Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 2.0.0.28 - ) Botanica - Reise ins Unbekannte (HKLM\...\BFG-Botanica - Reise ins Unbekannte) (Version: - ) calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal) ccc-core-static (Version: 2007.0821.2146.36991 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Chinese Checkers (HKLM\...\40-com.novelgames.flashgames.checkers) (Version: 1.8.0 - Novel Games Limited) Chinese Checkers (Version: 1.8.0 - Novel Games Limited) Hidden Corel Paint Shop Pro Photo XI (HKLM\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.20.0000 - Corel Corporation) Corel Snapfire DVD Maker (HKLM\...\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}) (Version: 1.20.0000 - Corel Corporation) Corel Snapfire Plus (HKLM\...\{7ADE3A47-B425-45E9-8FF6-11BE2B775645}) (Version: 1.201.0000 - Corel Corporation) CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.) 
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Da Vincis Perlen Puzzle (HKLM\...\Da Vincis Perlen Puzzle) (Version: - ) Das Reich des Drachen (HKLM\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH) Das Vermächtnis - Der Baum des Lebens (1.00) (HKLM\...\Das Vermächtnis - Der Baum des Lebens_is1) (Version: - City Interactive) Der Perfekte Weihnachtsbaum (HKLM\...\Der Perfekte Weihnachtsbaum) (Version: 1.0.0.0 - INTENIUM GmbH) DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH) Diamantenfee 2 (HKLM\...\Diamantenfee 2) (Version: 1.0.0.0 - INTENIUM GmbH) Diamond Drop 2 (HKLM\...\Diamond Drop 2) (Version: 1.0.0.0 - INTENIUM GmbH) DIE GEHEIMNISSE DER SPIDERWICKS (HKLM\...\{DFA723CE-22B4-4E6B-92CF-176256ECF2DE}) (Version: 1.00.0000 - Sierra Entertainment) Die Kluge Eule (HKU\S-1-5-21-1736235967-2657770174-236075978-1001\...\Die Kluge Eule) (Version: - ) Die Kluge Eule (HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\...\Die Kluge Eule) (Version: - ) Die Wiege Olympias 2 (HKLM\...\Die Wiege Olympias 2) (Version: 1.0.0.0 - INTENIUM GmbH) DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.3 - DivX, LLC) Drawn: ® Flucht aus der Dunkelheit (HKLM\...\BFG-Drawn - Flucht aus der Dunkelheit) (Version: - ) Drawn: Der Turm ™ (HKLM\...\BFG-Drawn - Der Turm) (Version: - ) Dream Chronicles (HKLM\...\Dream Chronicles) (Version: - PlayFirst, Inc.) Dream Chronicles ™ 2: The Eternal Maze (HKLM\...\BFG-Dream Chronicles 2 - The Eternal Maze) (Version: - ) DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version: - ) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) 
Emil und Pauline Auf dem Land (remove only) (HKLM\...\Emil und Pauline Auf dem Land) (Version: - ) Emil und Pauline In der Stadt (remove only) (HKLM\...\Emil und Pauline In der Stadt) (Version: - ) Enigmatis - Vermisst in Maple Creek (HKLM\...\Enigmatis - Vermisst in Maple Creek_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Ewige Reise - Das neue Atlantis (HKLM\...\Ewige Reise - Das neue Atlantis) (Version: - ) Fabled Legends: Die Ruckkehr des Rattenfangers (HKLM\...\BFG-Fabled Legends - Die Rueckkehr des Rattenfaengers) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FarmFrenzy (HKLM\...\FarmFrenzy) (Version: - ) Finstere Liebschaft - Immortal Lovers (HKLM\...\Finstere Liebschaft - Immortal Lovers) (Version: - ) foobar2000 v1.0.3 (HKLM\...\foobar2000) (Version: 1.0.3 - Peter Pawlowski) Forest Legends - Der Ruf der Liebe (HKLM\...\Forest Legends - Der Ruf der Liebe) (Version: - ) FormatFactory 3.5.0.0 (HKLM\...\FormatFactory) (Version: 3.5.0.0 - Format Factory) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.0.320 - DVDVideoSoft Ltd.) Galileo Family Quiz - Spezial II (HKLM\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia) Geheimakte 2 - Puritas Cordis (HKLM\...\{BE7347AD-2D93-4A74-8DBF-C1B073DAE509}) (Version: 1.00.0000 - Deep Silver) Geheime Fälle: Die gestohlene Venus (HKLM\...\Geheime Fälle: Die gestohlene Venus) (Version: 1.0.0.0 - INTENIUM GmbH) Geheimnis von Montezuma 2 (HKLM\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH) GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG) GMX SMS-Manager (Version: 2.7.2 - 1 und 1 Internet AG) Hidden Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) 
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Gravely Silent: Haus des Schreckens (HKLM\...\BFG-Gravely Silent - Haus des Schreckens) (Version: - ) Haunted Manor: Der Herr der Spiegel (HKLM\...\BFG-Haunted Manor - Der Herr der Spiegel) (Version: - ) Hauppauge MCE XP/Vista Software Encoder (2.0.25102) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25102 - Hauppauge Computer Works, Inc.) Heroes of Hellas (HKLM\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills) Hexentanz und Firlefanz (HKLM\...\Hexentanz und Firlefanz) (Version: - ) Hidden Expedition ® : Bermudadreieck (HKLM\...\BFG-Hidden Expedition - Bermudadreieck) (Version: - ) Hidden Mysteries Salem Secrets (HKLM\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - astrogon Software) Hidden Mysteries Vampire Secrets (HKLM\...\Hidden Mysteries Vampire Secrets) (Version: 1.0 - astragon Software) Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JetBee FREE 5.1.2 (build 456) (HKLM\...\JetBee_is1) (Version: - ) Jewel Puzzle (HKLM\...\Jewel Puzzle) (Version: 1.0.0.0 - INTENIUM GmbH) Kleiner Eisbär 2 (HKLM\...\Kleiner Eisbär 2) (Version: - ) Kuros (HKLM\...\Kuros) (Version: 1.0.0.0 - INTENIUM GmbH) Lauras Stern (HKLM\...\Lauras Stern) (Version: - ) Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service) LightScribe System Software 1.17.90.1 (HKLM\...\{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}) (Version: 1.17.90.1 - LightScribe) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) 
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Manic Digger (HKLM\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Midnight Mysteries Salem Witch Trials (HKLM\...\Midnight Mysteries Salem Witch Trials) (Version: 1.1.0.0 - MumboJumbo) Mozilla Firefox 51.0.1 (x86 de) (HKLM\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery Case Files®: Dire Grove™ (HKLM\...\BFG-Mystery Case Files - Dire Grove) (Version: - ) Mystery Case Files: Madame Fate ® (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst Handbuch ™ (HKLM\...\BFG-Mystery Case Files - Rueckkehr nach Ravenhearst Handbuch) (Version: - ) Mystery Case Files: Rückkehr nach Ravenhearst ™ (HKLM\...\BFG-Mystery Case 
Files - Rueckkehr nach Ravenhearst) (Version: - ) Mystery Case Files: Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Ravenhearst) (Version: - ) Mystery of Cleopatra (HKLM\...\Mystery of Cleopatra 1.0) (Version: 1.0 - Rondo Media) Mystery Places - Das Geheimnis der Geistervilla (HKLM\...\Mystery Places - Das Geheimnis der Geistervilla_is1) (Version: - ) Mystery Tales - Insel der Träume (HKLM\...\{2C0AC9A4-3FA8-4B71-848E-9BB9D492BC2E}_is1) (Version: - cerasus.media GmbH) Mystery Trackers: Raincliff (HKLM\...\BFG-Mystery Trackers - Raincliff) (Version: - ) Natalie Brooks (HKLM\...\Natalie Brooks) (Version: - ) Nero 7 Essentials (HKLM\...\{0DE739CA-9487-4E3E-8511-92EAF01F1031}) (Version: 7.03.0274 - Nero AG) Nightfall Mysteries - Die Ashburg Verschwörung (HKLM\...\Nightfall Mysteries - Die Ashburg Verschwörung_is1) (Version: - rondomedia) Pahelika: Secret Legends (HKLM\...\Pahelika: Secret Legends) (Version: - The Games Company Worldwide GmbH) Paragon Hard Disk Manager 2008 Professional (HKLM\...\{E9E4BB29-FA98-401B-9EDE-9906906E33DE}) (Version: - Paragon Software Group) PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polipo 1.0.4.1 (HKLM\...\Polipo) (Version: - ) Prinzessin Isabella (HKLM\...\Prinzessin Isabella) (Version: 1.0.0.0 - INTENIUM GmbH) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) ProtectDisc Helper Driver 10 (HKLM\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - ) Radiotracker (HKLM\...\{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}) (Version: 6.2.13700.0 - RapidSolution Software AG) ratDVD 0.78.1444 (HKLM\...\ratDVD) (Version: 0.78.1444 - ratDVD) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) RealDownloader (Version: 18.1.2.176 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks) Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Rooms - Die Villa 1.0d (HKLM\...\Rooms - Die Villa) (Version: 1.0d - Halycon Media) Samantha Swift and the Mystery From Atlantis (HKLM\...\Samantha Swift and the Mystery From Atlantis) (Version: 1.1.0.0 - MumboJumbo) Sandra Fleming Chronicles – Crystal Skulls (HKLM\...\Sandra Fleming Chronicles – Crystal Skulls) (Version: 1.0.0.0 - INTENIUM GmbH) Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Simajo (HKLM\...\Simajo) (Version: - ) Skins (Version: 2007.0821.2146.36991 - ATI) Hidden Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB) Sony PC Companion 2.10.188 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony) Spirits of Mystery: Dunkler Fluch (HKLM\...\BFG-Spirits of Mystery - Dunkler Fluch) (Version: - ) Spur der Träume (HKLM\...\Spur der Träume) (Version: 1.0.0.0 - INTENIUM GmbH) Sweet Home 3D version 3.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Enchanted Kingdom: Elisa’s Adventure (HKLM\...\The Enchanted Kingdom: Elisa’s Adventure) (Version: 1.0.0.0 - INTENIUM GmbH) The Fall Trilogy (HKLM\...\The Fall Trilogy_is1) (Version: - Morphicon) The Fall Trilogy Chapter 2 (HKLM\...\The Fall Trilogy Chapter 2_is1) (Version: - Morphicon) The Night of the Rabbit (HKLM\...\The Night of the Rabbit) (Version: 1.0 - Daedalic Entertainment) The Sultans Labyrinth: Das Opfer des Königs (HKLM\...\BFG-The Sultans Labyrinth - Das Opfer des Koenigs) (Version: - ) <==== ACHTUNG Tor 0.2.2.35 (HKLM\...\Tor) (Version: - ) TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trödelschätze (HKLM\...\{AC368309-A247-42C0-9AAF-ABB2E067B79C}) (Version: 1.00.0000 - Valusoft) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden Turtix (HKLM\...\Turtix) (Version: - ) Turtix 2 (HKLM\...\Turtix 2) (Version: - ) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) 
(HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Vernaeht und zugeflixt! Was stimmt denn hier nicht? (HKLM\...\Vernaeht und zugeflixt! Was stimmt denn hier nicht?) (Version: - ) Vidalia 0.2.15 (HKLM\...\Vidalia) (Version: - ) Video Downloader (Version: 1.2.0 - RealNetworks) Hidden Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.6.4 - Shark007) VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) Wieso? Weshalb? Warum? - Unser Körper (HKLM\...\com.rd.www.desktop.DesktopBody) (Version: 1.0.0 - Ravensburger Digital GmbH) Wieso? Weshalb? Warum? 
- Unser Körper (Version: 1.0.0 - Ravensburger Digital GmbH) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WordPerfect Office X3 (HKLM\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation) WordPerfect Office X3 (Version: 13.3 - Corel Corporation) Hidden World Voyage (HKLM\...\World Voyage) (Version: 1.0.0.0 - INTENIUM GmbH) XMedia Recode 2.3.0.4 (HKLM\...\XMedia Recode) (Version: 2.3.0.4 - Sebastian Dörfler) XMind 2013 (v3.4.1) (HKLM\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.) Zuma's Revenge! (HKLM\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) 
CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad CustomCLSID: 
HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1736235967-2657770174-236075978-1001_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> kein Dateipfad ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {032A98DE-A547-4FB1-97B4-777E85FCE80F} - System32\Tasks\{51ECF608-A47D-464B-892E-9A3067C4CA0E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {04338029-ABEF-4DB2-A56D-FF0641970A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {08FA19ED-87A2-4BE4-B4F6-1170192766D0} - System32\Tasks\{1D76B916-65CA-47A7-9DD1-C614C8F74E56} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {0922A476-D472-4C6B-AF0D-283C447FF4F0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {248BA49A-31FC-4CBC-AC12-0AD50B3730CD} - System32\Tasks\{2D2CF1E0-A39F-4435-B084-62C323AD4F56} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {262EF14E-2D04-4238-8DD2-2B9AFBBAEC1F} - System32\Tasks\{D62DA859-B3A5-4A8C-8643-BC908C434082} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {2B93871E-90A6-4BD6-B5B2-2B2CCE5A5740} - System32\Tasks\{C791566E-54A6-4DAF-8C0F-0153AA08A504} => pcalua.exe -a D:\Software\Nero\setupx.exe -d D:\Software\Nero Task: {2D4FEC81-5640-445A-97C1-A780D1FD2CD8} - System32\Tasks\{3D22388D-753E-494E-8F61-D351F8E67C68} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {34B169BF-29C1-4D9E-ABAD-DD33D6A48488} - System32\Tasks\{AA3E9FEA-EE1C-4BD0-A6EE-0AB550AE278F} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {3C30CE7A-A21F-4478-8DFD-AB4484B05538} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated) Task: {3F4F5314-363F-4D5F-AD46-3C6D3EAA7DDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {40B72FB4-CFE2-4347-A69C-6AA6A1291F0F} - System32\Tasks\{CC841AF3-7C05-4252-BDD9-2A3892CD4929} => Firefox.exe Task: {474C30BF-0A7E-4DC2-9E6B-369B154E8229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) 
Task: {49897270-27FE-4B7E-A4F9-1B4F8AE27E3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {49E28B95-9408-4715-97DA-1AB7339805C6} - System32\Tasks\{EA4F2F72-7C23-4AB9-8184-245B49DE749F} => C:\Program Files\DEUTSCHLAND SPIELT\BeetleJu2 VollVersion\BeetleJu2_og.exe [2010-11-23] (INTENIUM GmbH) Task: {4C08C992-D45F-4D07-9702-9FF2FB1E7DA0} - System32\Tasks\{7D0AE273-2305-48F1-AF5C-46BFD622F47E} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4E016ADD-5044-4D20-841E-C43FFE2861BD} - System32\Tasks\{F4A27F14-3152-470D-9565-039442275C50} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {4EC8D6F7-19A4-43EB-A744-BF2A0A15F56E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {50748F55-16EA-4C55-8547-7EC1D0947037} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] () Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {5AC92F98-B42E-4F21-9AA0-01AD0439642E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {5B3F853B-FE70-4847-8631-186551D7012C} - System32\Tasks\{07CBC734-EBA5-454A-913B-EC737132222F} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {66D53617-940A-4E05-871F-28B9007E2CC3} - System32\Tasks\{9BFE3ECE-693E-45CE-A00E-7DC315188CEC} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {6B725544-E42B-4580-B4AE-E272703AF399} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {6C42F0C8-5E73-4DE6-A971-9CE99159C71D} - System32\Tasks\{71507EB2-BF35-48B0-8135-FCBC7D54BAEC} => C:\Program 
Files\Avira\AntiVir Desktop\avcenter.exe Task: {77D92D5C-1736-4593-BC70-36551C747A1A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {78201B2F-5E80-4168-B233-7212E7A89D0D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.) Task: {7DD6E2A0-C6F1-4EFD-92B0-4A0D547C24C5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {893B18BE-C091-4B27-9D76-82F0BCA99813} - System32\Tasks\{84074564-9C97-48A0-BBB3-89DAB27B7C9B} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9240E8E9-1D41-40BA-B4DE-32542C7145DB} - System32\Tasks\{97E672C4-E6D1-4ED6-99D8-B122A1F86FC0} => pcalua.exe -a D:\DVPP\Setup.exe -d D:\DVPP Task: {979D3F17-6619-45C5-B404-606838B44253} - System32\Tasks\{E4546B87-1D17-4B95-A0A5-37522F5D05EF} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Task: {9C2F05E8-F861-43CF-987B-095EF430F405} - System32\Tasks\{F3AEE607-769D-4C8B-824B-88BEB035F102} => pcalua.exe -a C:\Spiele\Lillifee\setup.exe -d D: Task: {B0993B05-978C-4A15-AA87-B18AB9A99EFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-11] (Facebook Inc.) Task: {B37A6E42-727E-4E31-A77C-04022A464880} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2015-11-04] (RealNetworks, Inc.) 
Task: {BFD53BF4-19B8-4502-92DD-7D926FFA8CA6} - System32\Tasks\{EC680A57-E7BC-4A66-8FBB-20A511FDFA89} => pcalua.exe -a D:\bin\EasyInst.exe -d D:\ Task: {C8250CB2-F11F-4A98-95BB-BA5E812E6A7E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {DAAAE172-7743-4C96-B232-DCC0F5FC7607} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.) Task: {DBF5DE37-8E99-4B07-813D-41126EA90DB3} - System32\Tasks\{81430713-60CA-4B71-8FBB-D14DA0751514} => pcalua.exe -a D:\autorun.exe -d D:\ Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {F0E42A33-0E8E-4BB2-80F9-8418E2340E57} - System32\Tasks\{287D07D5-E1D7-4882-9C98-35680FC50E9A} => C:\Program Files\astragon Software\Hidden Mysteries Vampire Secrets\Hidden Mysteries - Vampire Secrets.exe [2010-09-03] () Task: {F20691E7-0B1D-438A-ABD0-2D94FF823CEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1736235967-2657770174-236075978-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {F526EC9D-6127-42C8-A3B4-E081029D3F7D} - System32\Tasks\{3DEE68DB-465B-46BB-87CD-D6BEE805EFD1} => C:\Program Files\Daedalic Entertainment\The Night of the Rabbit\rabbit.exe [2013-04-28] (Daedalic Entertainment GmbH) Task: {FB0BD155-6754-4ECC-9711-162FE2741D51} - System32\Tasks\Amazon Music Helper => C:\Users\Kornelia\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-12-08] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001Core.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1736235967-2657770174-236075978-1001UA.job => C:\Users\Kornelia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2006-11-02 11:40 - 2006-11-02 11:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe
2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:24FECE50 [398]
AlternateDataStreams: C:\ProgramData\TEMP:260575F1 [422]
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4 [368]
AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6 [183]
AlternateDataStreams: C:\ProgramData\TEMP:574F975B [184]
AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675 [171]
AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C [128]
AlternateDataStreams: C:\ProgramData\TEMP:A4AF8D0D [169]
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100]
AlternateDataStreams: C:\ProgramData\TEMP:B139DDF3 [173]
AlternateDataStreams: C:\ProgramData\TEMP:B8791731 [170]
AlternateDataStreams: C:\ProgramData\TEMP:BEE39E9B [190]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E51234A9 [154]
AlternateDataStreams: C:\ProgramData\TEMP:FAB64002 [164]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.exe: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.scr: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.bat: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.com: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.cmd: => <===== ACHTUNG
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Software\Classes\.reg: => <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1736235967-2657770174-236075978-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1736235967-2657770174-236075978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01312017094722724\Control Panel\Desktop\\Wallpaper -> C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1736235967-2657770174-236075978-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093817961\Control Panel\Desktop\\Wallpaper -> C:\Users\Tabea\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1736235967-2657770174-236075978-1003.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01312017093822329\Control Panel\Desktop\\Wallpaper -> C:\Users\Konni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{771781D7-42F2-4719-BCFC-468823CD634A}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F8F60273-BD4C-4058-B246-6F633BD6A891}] => LPort=1900 FirewallRules: [{20D276B1-3C90-4929-8A32-E4ACCBECC2C8}] => LPort=2869 FirewallRules: [{3355F104-DC9F-42F3-8E9D-3BF5DBF8FEB3}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0BEA84F4-2656-475A-AE06-59E81719D75F}] => svchost.exe FirewallRules: [{2BFBBFCF-8C85-480D-A055-0DB5677BDCDE}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{5B4D0C77-79AF-4923-BDC1-B51891E48444}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [UDP Query User{BC460BB0-BD68-48F3-BEB2-47578A7623D9}C:\program files\vidalia bundle\tor\tor.exe] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{2339DF44-A7DD-4E22-A32A-32DCC95DC337}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{A59E1834-01D3-478B-90C5-6E1D4924AFDB}] => C:\program files\vidalia bundle\tor\tor.exe FirewallRules: [{AEB0C184-B9E4-434C-B087-A14CA1DF867B}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{08572AF5-8353-4B61-B8C0-24C618870A9E}] => C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{670FA4AF-6DA8-487A-91EE-B07143EB2170}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8BD40ABE-22B5-4230-B66B-47D3BD3D0390}] => C:\Users\Kornelia\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{55D99CB2-C725-42FC-847A-5909C961EAE8}] => C:\Users\Kornelia\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{85FDB52D-7A01-43A8-9009-6A168010138A}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{8758F947-09B2-41DF-88EC-579BC9CA03E7}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{459568E9-83FC-4C8A-9663-91C2C9B6026F}] => C:\Program 
Files\Mozilla Firefox\firefox.exe FirewallRules: [{92605963-E425-410C-BB6E-8F4EDEA0C349}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D48E3507-9052-45D0-9E44-24AC955777AA}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4ED3AA0F-7E02-449A-BAA4-34B72C42BF3C}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{A8E2B43C-F558-48C1-A629-118843C42FE8}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [{84839E9D-9BF0-4CCD-A922-70507EA96606}] => c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{175EF583-D4BB-4455-BF80-3778A39EAEAC}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{189936DE-97ED-4FCF-AFD9-FA1ABFB6C531}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D0577CA9-F454-408A-ACDF-7F280302E7BD}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{95DF96B5-51A5-4BAD-8FE7-4BC3CF9AF3DF}] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe FirewallRules: [{D81DFAC4-5EE4-4BF8-A94D-84503C9C6E7F}] => C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{88496792-6A83-4826-9392-C3A2DBF731BE}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{08F10482-4231-4238-9029-5220201C0B87}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{3199F9F6-FD40-4F4E-B578-F886A82D57DA}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe FirewallRules: [UDP Query User{AE639368-64F0-4A58-B6CA-0EE42A599710}C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe] => 
C:\users\kornelia\appdata\local\jdownloader 2.0\jdownloader2.exe

==================== Wiederherstellungspunkte =========================
24-01-2017 15:04:25 Windows Update
27-01-2017 15:11:14 Avira System Speedup Optimierung
27-01-2017 16:04:18 JRT Pre-Junkware Removal
31-01-2017 10:18:32 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============
Name: atksgt
Description: atksgt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atksgt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/31/2017 10:26:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f2a13
ID des fehlerhaften Prozesses: 0xec0
Startzeit der fehlerhaften Anwendung: 0x01d27b9dbdf6dc0e
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll
Berichtskennung: 516ee2c7-e797-11e6-8b50-001d607b2853

Error: (01/31/2017 10:18:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1736235967-2657770174-236075978-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. .

Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {825d267e-3731-43bf-9430-d8f483269a9a}

Error: (01/30/2017 07:02:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f2a13
ID des fehlerhaften Prozesses: 0x1d50
Startzeit der fehlerhaften Anwendung: 0x01d27b220a87b452
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll
Berichtskennung: 4a87d4f7-e716-11e6-98c3-001d607b2853

Error: (01/30/2017 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f2a13
ID des fehlerhaften Prozesses: 0x19bc
Startzeit der fehlerhaften Anwendung: 0x01d27b20a1bec3b8
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll
Berichtskennung: 3181c03b-e715-11e6-98c3-001d607b2853

Error: (01/30/2017 06:44:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f2a13
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0x01d27b18b440fab7
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll
Berichtskennung: c32495fe-e713-11e6-98c3-001d607b2853

Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/30/2017 05:45:22 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2017 08:47:50 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2017 02:50:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.23517, Zeitstempel: 0x57adfdef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f2a13
ID des fehlerhaften Prozesses: 0x15a4
Startzeit der fehlerhaften Anwendung: 0x01d27a35cd75a541
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\wmp.dll
Berichtskennung: e30ce1ad-e629-11e6-aa4c-001d607b2853

Systemfehler:
=============
Error: (01/31/2017 10:27:15 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (01/31/2017 10:27:15 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (01/31/2017 10:27:15 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (01/31/2017 10:27:15 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (01/31/2017 10:26:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/31/2017 09:46:16 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/31/2017 09:42:28 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (01/31/2017 09:42:28 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

Error: (01/31/2017 09:42:28 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.

Error: (01/31/2017 09:42:28 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/1733801205/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.

==================== Memory info ===========================

Processor: AMD Athlon(tm) X2 Dual Core Processor BE-2300
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 1918.49 MB
Verfügbarer physikalischer RAM: 960.62 MB
Summe virtueller Speicher: 3836.98 MB
Verfügbarer virtueller Speicher: 2418.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:242.77 GB) (Free:93.6 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: () (Fixed) (Total:207.36 GB) (Free:35.49 GB) NTFS
Drive g: (Black) (Fixed) (Total:465.76 GB) (Free:413.34 GB) NTFS
Drive i: (EXTERN 2 -Spiegel-) (Fixed) (Total:242.77 GB) (Free:143.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive m: (EXTERN 1 -DATEN-) (Fixed) (Total:1255.2 GB) (Free:437.65 GB) NTFS
Drive n: (EXTERN 3) (Fixed) (Total:100 GB) (Free:99.87 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C76EBDA3)
Partition 1: (Active) - (Size=242.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15.6 GB) - (Type=27)
Partition 3: (Not Active) - (Size=207.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C921633)
Partition 1: (Not Active) - (Size=1255.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=507.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 256E7802)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================ |