| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: LavasoftTCPService.dll - Web Companion Komponente eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.07.2017, 11:57
| #1 |
 |  LavasoftTCPService.dll - Web Companion Komponente eingefangen Hallo, und vielen Dank für die Unterstützung bei den diversen Plagegeistern. Ich fürchte ich hab mir irgendwie eine Komponente des Lavasoft Web Companions eingefangen. Wie hab ich das bemerkt? Steam meckert mit immer beim Start die im Titel angegebene dll an und das diese aktualisiert werden muss. Ich vermute eher das sich was reingeschummelt hat  HiJackThis hat mir in der Log-Auswertung die Komponenten auch schon als schädlich angemeckert. Ich hab aber keinen Plan wie man die Komponenten sauber raus kriegt. Deswegen bitte ich Euch um Hilfe und Unterstützung. Hier die FRST Logfiles. FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Gn***** (Administrator) auf WG-260 (23-07-2017 12:31:25)
Gestartet von C:\Users\Gn*****\Downloads
Geladene Profile: Gn***** (Verfügbare Profile: Gn***** & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
() E:\HDD Health\HDDHealthService.exe
(Nero AG) E:\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() E:\MSI Afterburner\MSIAfterburner.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() E:\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() E:\RivaTuner Statistics Server\RTSS.exe
() E:\RivaTuner Statistics Server\EncoderServer64.exe
() E:\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\updrgui.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21]
(Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-
3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH &
Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => E:\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [CCleaner Monitoring] => E:\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy
\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [Spybot-S&D Cleaning] => E:\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-
Networking Ltd.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Policies\Explorer: []
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: H - H:\AUTORUN.EXE
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {611a43f2-4ce1-11e2-b2c5-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {660695fb-3f74-11e2-8d9d-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {7176c1a5-4047-11e2-a158-c86000e22cc1} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e0857a-56a5-11e2-b1d9-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e08595-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085a7-56a5-11e2-b1d9-c86000e22cc1} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085bc-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {87994de8-3b45-11e3-9e56-c86000e22cc1} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cafc-3e4a-11e2-9d19-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb0c-3e4a-11e2-9d19-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb41-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb83-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {97b2a9f8-58f0-11e2-ab2c-94dbc940e75f} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {d64e0e01-407f-11e2-a01c-94dbc940e75f} - L:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {e392c4ec-a8bd-11e5-abb3-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f1871499-2a06-11e5-97ea-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f3950a4f-57ee-11e2-b622-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft
Corporation)
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2017-04-17]
ShortcutTarget: HDDHealth.lnk -> E:\HDD Health\hddhealth.exe (PANTERASoft)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag
handelt.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-19] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-19] (Lavasoft Limited)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Internet Explorer:
==================
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q=
{searchTerms}
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle
Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge
GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19]
(pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Gn*****\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default [2017-07-23]
FF NewTab: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\63ip853m.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF Keyword.URL: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=103&systemid=473&v=n9602-
155&apn_dtid=BND473&apn_ptnrs=AG1&apn_uid=8814603877224743&o=APN10640&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\63ip853m.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\Gn*****\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\abs@avira.com.xpi [2017-07-17]
FF Extension: (MEGA) - C:\Users\Gn*****\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\firefox@mega.co.nz.xpi [2017-07-12]
FF Extension: (Adblock Plus) - C:\Users\Gn*****\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017-06-07]
FF SearchPlugin: C:\Users\Gn*****\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\searchplugins\google-lavasoft.xml [2015-11-21]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-19] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[2012-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2012-05-18] (ASUSTeK Computer Inc.) [Datei
ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2016-12-02] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-04-18] (EasyAntiCheat Ltd)
S3 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [284224 2016-11-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-22] (GOG.com)
R2 HDDHealth; E:\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [Datei ist nicht signiert]
R2 HTCMonitorService; E:\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht
signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2147216 2017-05-03] (Electronic Arts)
S2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3116440 2017-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-04-18] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SDScannerService; E:\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; E:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; E:\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 DFX11_0; C:\Windows\System32\drivers\dfx11_0x64.sys [28008 2012-08-16] (Windows (R) Win 7 DDK provider)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [216576 2009-09-04] (Huawei Technologies Co., Ltd.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2013-01-13] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 RTCore64; E:\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 WinRing0_1_2_0; C:\Users\Gn*****\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2012-08-17] (OpenLibSys.org)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-23 12:31 - 2017-07-23 12:31 - 00026511 _____ C:\Users\Gn*****\Downloads\FRST.txt
2017-07-23 12:30 - 2017-07-23 12:31 - 00000000 ____D C:\FRST
2017-07-23 12:29 - 2017-07-23 12:29 - 02382336 _____ (Farbar) C:\Users\Gn*****\Downloads\FRST64.exe
2017-07-17 21:42 - 2017-07-17 21:42 - 00000000 ____D C:\Users\Gn*****\AppData\LocalLow\uTorrent
2017-07-16 15:00 - 2017-07-16 15:00 - 00000000 ____D C:\Users\Gn*****\Downloads\FRST
2017-07-13 20:57 - 2017-07-13 20:57 - 00195541 _____ C:\Users\Gn*****\Downloads\20170713_Vergleichsrechnung.pdf
2017-07-12 18:59 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-12 18:59 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-12 18:59 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 18:59 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-12 18:59 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-12 18:59 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-12 18:59 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-12 18:59 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 18:59 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-12 18:59 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-12 18:59 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-12 18:59 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-12 18:59 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 18:59 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-12 18:59 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-12 18:59 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-12 18:59 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 18:59 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-12 18:59 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 18:59 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 18:59 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 18:59 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-12 18:59 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 18:59 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 18:59 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-12 18:59 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 18:59 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 18:59 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 18:59 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 18:59 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 18:59 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 18:59 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-12 18:59 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-12 18:59 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 18:59 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-12 18:59 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-12 18:58 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 18:58 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 18:58 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-08 13:29 - 2017-07-08 13:29 - 00268579 _____ C:\Users\Gn*****\Downloads\0408_ttc_18tfsi_118.pdf
2017-07-08 13:24 - 2017-07-08 13:24 - 00118330 _____ C:\Users\Gn*****\Downloads\step_50400_50700.pdf
2017-07-08 13:22 - 2017-07-08 13:22 - 01646397 _____ C:\Users\Gn*****\Downloads\ams0715_058_2.pdf
2017-07-08 13:20 - 2017-07-08 13:20 - 00171395 _____ C:\Users\Gn*****\Downloads\step_50200_50500.pdf
2017-07-08 12:21 - 2017-07-08 12:21 - 00129100 _____ C:\Users\Gn*****\Downloads\LM_AN_INFO_0104_D_Bremsenquietschen.pdf
2017-07-02 12:58 - 2017-07-02 12:58 - 00035802 _____ C:\Users\Gn*****\Downloads\Kontoauszug_700786587600_2017-07-01_0627.pdf
2017-07-02 12:57 - 2017-07-02 12:57 - 00021035 _____ C:\Users\Gn*****\Downloads\Abrechnung_700786587600_2017-07-01_1011.pdf
2017-07-01 17:09 - 2017-07-01 17:09 - 01167932 _____ C:\Users\Gn*****\Downloads\Kaufvertrag-WAUZZZ8V8GA088893.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-23 12:29 - 2011-04-12 09:43 - 00702964 _____ C:\Windows\system32\perfh007.dat
2017-07-23 12:29 - 2011-04-12 09:43 - 00150604 _____ C:\Windows\system32\perfc007.dat
2017-07-23 12:29 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-23 12:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-23 12:25 - 2016-09-04 21:36 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-23 12:21 - 2016-11-22 20:02 - 00000000 ____D C:\Users\Gn*****\AppData\LocalLow\Mozilla
2017-07-23 12:21 - 2013-10-22 23:42 - 00000000 ____D C:\Users\Gn*****\AppData\Local\HTC MediaHub
2017-07-23 12:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-23 01:13 - 2015-07-23 02:34 - 00002984 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-07-22 11:16 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-22 11:16 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-19 18:38 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Gn*****\Downloads\hjt
2017-07-17 23:20 - 2013-10-16 21:05 - 00000000 ____D C:\Users\Gn*****\AppData\Roaming\uTorrent
2017-07-17 21:57 - 2014-12-02 20:05 - 00024064 _____ C:\Users\Gn*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-17 21:40 - 2012-08-21 20:15 - 00000000 ____D C:\Users\Gn*****\AppData\Roaming\vlc
2017-07-14 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-07-13 21:38 - 2013-04-25 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-13 19:27 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-13 19:27 - 2009-07-14 06:45 - 00466296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-12 23:02 - 2014-12-09 21:30 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 22:40 - 2015-11-01 16:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 19:01 - 2013-07-11 17:37 - 00000000 ____D C:\Windows\system32\MRT
2017-07-12 19:00 - 2012-08-16 23:34 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-11 18:01 - 2013-11-28 22:27 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-01 21:01 - 2013-01-18 09:42 - 00000000 ____D C:\Windows\Minidump
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-02 20:05 - 2017-07-17 21:57 - 0024064 _____ () C:\Users\Gn*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-07 19:23 - 2015-04-25 12:31 - 1065984 _____ () C:\Users\Gn*****\AppData\Local\file__0.localstorage
2013-12-08 22:17 - 2013-12-08 22:17 - 0003072 _____ () C:\Users\Gn*****\AppData\Local\http_www.youtube.com_0.localstorage
2012-08-21 01:09 - 2016-11-06 16:15 - 0007610 _____ () C:\Users\Gn*****\AppData\Local\Resmon.ResmonCfg
2016-12-31 13:50 - 2016-12-31 13:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-18 01:45 - 2012-08-18 01:46 - 0000498 _____ () C:\ProgramData\Gpu.log
2012-09-08 13:28 - 2012-09-08 13:28 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-01-05 13:15 - 2017-04-15 15:08 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-05 13:15 - 2017-04-15 01:36 - 0005504 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Einige Dateien in TEMP:
====================
2015-02-07 14:48 - 2015-02-07 14:48 - 0000000 ____D () C:\Users\Administrator.WG-260\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-22 11:44
==================== Ende von FRST.txt ============================
Vielen Dank im Voraus  |
|
23.07.2017, 11:58
| #2 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Hier die Addition.txt noch dazu:
__________________FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Gn***** (23-07-2017 12:31:43)
Gestartet von C:\Users\Gn*****\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-08-16 20:57:26)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-386634515-4225027544-3189603330-500 - Administrator - Enabled) => C:\Users\Administrator.WG-260
Gast (S-1-5-21-386634515-4225027544-3189603330-501 - Limited - Disabled)
Gn***** (S-1-5-21-386634515-4225027544-3189603330-1000 - Administrator - Enabled) => C:\Users\Gn*****
HomeGroupUser$ (S-1-5-21-386634515-4225027544-3189603330-1003 - Limited - Enabled)
lan (S-1-5-21-386634515-4225027544-3189603330-1005 - Limited - Disabled)
Vybz (S-1-5-21-386634515-4225027544-3189603330-1004 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell
deinstalliert werden.)
µTorrent (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.04.04 - ASUSTeK Computer Inc.)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Assetto Corsa (HKLM\...\Steam App 244210) (Version: - Kunos Simulazioni)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni)
Autodesk Navisworks 2013 64 bit Exporter Plug-ins (HKLM\...\{DE7FFE23-D092-5379-B83C-0E27FF07E329}) (Version: 10.0.840.82 - Autodesk) Hidden
Autodesk Navisworks 2013 64 bit Exporter Plug-ins (HKLM\...\Autodesk Navisworks 2013 64 bit Exporter Plug-ins) (Version: 10.0.840.82 - Autodesk)
Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack - Deutsch (HKLM\...\{907A3175-B78E-0407-A98B-0A97BDE8A59C}) (Version: 10.0.831.95 - Autodesk)
Hidden
Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack - Deutsch (HKLM\...\Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack -
Deutsch) (Version: 10.0.831.95 - Autodesk)
Automobilista (HKLM-x32\...\Steam App 431600) (Version: - Reiza Studios)
Automobilista Beta (HKLM-x32\...\Steam App 388990) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Batman: Arkham City™ (HKLM-x32\...\{57520FA0-A73E-4165-BCA2-D71000038301}) (Version: 1.0.0003.131 - WB Games) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CAD Loader (HKLM-x32\...\CDLKit) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CrewChiefV4 (HKLM-x32\...\{18A1E8CC-8D11-4364-8BCA-459DB119AB0D}) (Version: 4.6.4.9 - Britton IT Ltd)
Dropbox (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
For Honor (HKLM\...\Steam App 304390) (Version: - Ubisoft Montreal)
G4E (HKLM-x32\...\{A700F154-3C6E-9572-3E7B-B1730FDA27AD}) (Version: 1.8 - Netdiffusion Limited) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.8 - Netdiffusion Limited)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Homeworld (HKLM-x32\...\Homeworld) (Version: - )
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft
Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.64.0 - HTC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Killing Floor 2 Digital Deluxe Edition MULTi2 1.0 (HKLM-x32\...\Killing Floor 2 Digital Deluxe Edition MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Luxology modo 701_sp2 64-bit build 61434 (HKLM-x32\...\701_sp2_64) (Version: - )
MechWarrior Online (HKLM-x32\...\{F8511A0F-D91D-4E3D-A59C-3CA8FB8EAFE8}) (Version: 1.2.0.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.4.4169.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: -
Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: -
Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft
Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 -
Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language
Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
modo 701 content (HKLM-x32\...\modo701_Content) (Version: - )
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Firefox 54.0.1 (x86 de) (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{373FD974-6F3C-4946-99BA-B9E6E2608DE2}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{5FF218A5-86BC-420A-A44A-66EA7C234068}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{A8104CED-8954-4311-9894-FC1E0FDE3ACB}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.4 - Power Software Ltd)
Project CARS (HKLM-x32\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - Sector3 Studios)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
rFactor 2 (HKLM\...\Steam App 365960) (Version: - Studio 397)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TF2 lan edition (HKLM-x32\...\TF2 lan edition) (Version: - )
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D})
(Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF})
(Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30})
(Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-
21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1})
(Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (HKLM-x32\...\{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{01971695-16C8-4886-9742-ADC79A269444}\InprocServer32 -> C:\Windows
\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows
\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> E:\Autodesk\AutoCAD
Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6E1B07CC-8C0F-46F1-B993-FA20D1C368C3}\InprocServer32 -> C:\Windows
\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> E:\Autodesk\AutoCAD
Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> E:\Autodesk\AutoCAD
Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine
Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> E:\Autodesk\AutoCAD
Mechanical 2012\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DEF63C56-2AB9-4284-A400-CDD81AED639E}\InprocServer32 -> C:\Windows
\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn*****\AppData
\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-
06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-
06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-
06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-
06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014
-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014
-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014
-06-24] (Dropbox, Inc.)
ContextMenuHandlers01: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2015-
10-19] (pdfforge GmbH)
ContextMenuHandlers01: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers01: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers01: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll
[2017-07-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => E:\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei
ContextMenuHandlers04: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-26] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers06: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers06: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers06: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll
[2017-07-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei
ContextMenuHandlers6_.DEFAULT: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> Keine Datei
ContextMenuHandlers1_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming
\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming
\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn*****\AppData\Roaming
\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-386634515-4225027544-3189603330-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
Task: {02A23F7E-D115-4CFE-BC88-16FF6BF469E3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update
Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {0B5B5F2D-AF91-49D2-8D49-BE03692995A3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation
\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {17FBE060-3E42-454A-B3B0-1C1CD6B79304} - System32\Tasks\SamsungMagician => E:\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {1DBA3E92-4A8B-4803-9E6C-6F7E9235E7A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation
\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {202BFEC4-0F7B-4EBF-81A1-0B0AC99D4108} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => E:\Spybot - Search & Destroy
2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {26A32B09-291F-426F-981F-1ACA2DA5106E} - System32\Tasks\CCleanerSkipUAC => E:\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {426BC857-EB3C-44F2-B180-51C1FE1FF8B0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
[2012-03-13] (ASUSTeK Computer Inc.)
Task: {53D10CDF-4AE2-4CF1-92A8-658F0CC589DA} - System32\Tasks\{87A7183B-CBA3-40C2-BDD1-CB7961B16DFA} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn*****
\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {54F2D8FD-3856-42E2-AD79-867BC90CF111} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update
Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {5856CF62-7BB4-4351-A9AD-471CA6F43DF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-
04-25] (Adobe Systems Incorporated)
Task: {63CC8441-8BA9-4C10-83AB-D750CBEFF045} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => E:\Spybot - Search & Destroy
2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {776F4982-9A7D-4A9C-9BD8-D06D7EA74A40} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {8A1D861D-DE98-43BF-8CE3-6A88BB52B204} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA
Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {8F917E2C-5814-4770-957D-BC991EFEECBD} - System32\Tasks\{D3CF6318-E097-4075-8E76-A04606C4ED57} => "e:\mozilla firefox\firefox.exe"
hxxp://ui.skype.com/ui/0/7.6.64.103/de/abandoninstall?page=tsProgressBar
Task: {98B7BA9B-70AD-4B49-B4AE-4B3886986159} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network
iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {B312C95A-90DC-4052-84C7-29A135B33115} - System32\Tasks\{C25B44FD-4EE0-4298-B2F8-CA4C94F57F13} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn*****
\Downloads\Huawei_WindowsDriver(3.05.00.00)\DriverSetup.exe -d C:\Users\Gn*****\Downloads\Huawei_WindowsDriver(3.05.00.00)
Task: {C452C5D5-20BD-4F9B-A5AE-704232B894F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => E:\Spybot - Search & Destroy
2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C5B7E1C6-97E8-42B7-8602-8397093BDE41} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA
Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {C87A6F46-97A8-44EC-8498-8CB574DBF263} - System32\Tasks\{1AD5778D-B9CF-49F4-BCA4-988C5081CA3A} => C:\Windows\system32\pcalua.exe -a "H:\Killing Floor
2\Uninstall.exe"
Task: {CC79EB5E-7682-45E3-86D6-71E6C10AAC88} - System32\Tasks\MSIAfterburner => E:\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {D3FD010F-BAB8-409C-807B-99BA9E787B4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files
(x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {F43EA08C-1AD1-4552-84E4-075436ADDD0B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA
Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {FD5794BA-C746-4B05-958A-AACFB7F41192} - System32\Tasks\{3520D453-BC23-4BB5-BF74-5BE957B9B13E} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn*****
\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-08-22 12:54 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2017-04-17 22:13 - 2013-03-08 09:54 - 00017760 _____ () E:\HDD Health\HDDHealthService.exe
2016-09-11 17:12 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00402432 _____ () E:\RivaTuner Statistics Server\RTSSHooks64.dll
2015-10-12 21:01 - 2014-12-06 09:03 - 00565760 _____ () E:\MSI Afterburner\MSIAfterburner.exe
2015-11-24 17:12 - 2015-11-24 17:12 - 00821240 _____ () E:\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2017-04-18 00:44 - 2017-04-18 01:07 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00197632 _____ () E:\RivaTuner Statistics Server\RTSS.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00031232 _____ () E:\RivaTuner Statistics Server\EncoderServer64.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00088576 _____ () E:\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2017-05-14 12:45 - 2017-05-03 22:20 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-14 12:45 - 2017-05-03 22:20 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-22 12:54 - 2017-07-23 12:20 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-08-22 12:54 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-05-27 13:42 - 2014-05-27 13:42 - 00031080 _____ () E:\HTC\HTC Sync Manager\DbAccess.dll
2015-11-24 17:02 - 2015-11-24 17:02 - 00604288 _____ () E:\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 13:43 - 2014-05-27 13:43 - 00059752 _____ () E:\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 13:42 - 2014-05-27 13:42 - 00036216 _____ () E:\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 13:43 - 2014-05-27 13:43 - 00080248 _____ () E:\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 13:44 - 2014-05-27 13:44 - 00129376 _____ () E:\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 13:45 - 2014-05-27 13:45 - 00223592 _____ () E:\HTC\HTC Sync Manager\DevConnMon.dll
2016-09-11 17:12 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00356864 _____ () E:\RivaTuner Statistics Server\RTSSHooks.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00071680 _____ () E:\MSI Afterburner\RTMUI.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00056832 _____ () E:\MSI Afterburner\RTFC.dll
2015-10-12 21:01 - 2014-12-06 09:02 - 00217600 _____ () E:\MSI Afterburner\RTCore.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00353792 _____ () E:\MSI Afterburner\RTUI.dll
2015-10-12 21:01 - 2014-12-06 09:02 - 00649216 _____ () E:\MSI Afterburner\RTHAL.dll
2017-01-16 13:40 - 2017-01-16 13:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-11-10 19:15 - 2014-05-13 13:04 - 00109400 _____ () E:\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-11-10 19:15 - 2014-05-13 13:04 - 00416600 _____ () E:\Spybot - Search & Destroy 2\DEC150.bpl
2016-11-10 19:15 - 2014-05-13 13:04 - 00167768 _____ () E:\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-08-22 12:54 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-08-22 12:54 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-08-22 12:55 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-08-22 12:54 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-08-22 12:56 - 2012-07-03 10:58 - 01124352 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2012-08-22 12:54 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-08-22 12:54 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-08-22 12:54 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-08-22 12:54 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-08-22 12:54 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-08-18 01:41 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-08-22 12:54 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-08-22 12:54 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2016-11-10 19:15 - 2012-08-23 11:38 - 00574840 _____ () E:\Spybot - Search & Destroy 2\sqlite3.dll
2016-11-10 19:15 - 2012-04-03 18:06 - 00565640 _____ () E:\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00056832 _____ () E:\RivaTuner Statistics Server\RTFC.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00353792 _____ () E:\RivaTuner Statistics Server\RTUI.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00071680 _____ () E:\RivaTuner Statistics Server\RTMUI.dll
2012-08-22 12:56 - 2012-07-02 14:57 - 00151552 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2012-08-22 12:56 - 2012-05-10 16:38 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2012-08-22 12:56 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [116]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****\Anwendungsdaten:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn*****\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn*****\Lokale Einstellungen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****\AppData\Roaming:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn*****\AppData\Local\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn*****\AppData\Local\Verlauf:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn*****\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7916 mehr Seiten.
IE trusted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7916 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-03-22 01:54 - 00453364 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15560 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gn*****\AppData\Roaming\Microsoft\Windows\Themes
\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: mi-raysat_3dsmax2013_64 => 2
MSCONFIG\startupfolder: C:^Users^Gn*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung
Magician.lnk.Startup
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Gn*****\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS WiFi GO! FileTransfer Execute => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "E:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "F:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => E:\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "E:\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{016F80FE-C302-4F29-BC5E-9451C52D80F9}] => (Allow) LPort=2869
FirewallRules: [{E6E22D10-5198-4041-85EE-197578FAEC11}] => (Allow) LPort=1900
FirewallRules: [{FBB67428-966A-4562-93B9-7BA422253549}] => (Allow) E:\Microsoft Office\Office12\outlook.exe
FirewallRules: [TCP Query User{4298D2A8-F37F-499A-B4C6-B7679B7A5B0E}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files
(x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [UDP Query User{0CADB4BC-B892-46CD-A323-E3BF8CD5E8A9}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files
(x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [{80EBF83D-A15D-4835-8235-B3731DD2A976}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{56A330DA-7BE4-4551-982A-B56D0643625D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{FA144840-2272-44C9-AC45-CAE0225138F0}] => (Allow) LPort=2869
FirewallRules: [{DD27145A-EB3C-4CA1-8DEF-AC1084922D7C}] => (Allow) LPort=1900
FirewallRules: [{24294484-424B-4CD2-8B80-88B311825858}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{DB602AA0-5713-4ACF-8D56-99FDE20E29C1}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{909811AA-FE21-4E87-9618-F16014DC91C0}] => (Allow) C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{405C3E08-0FBD-4133-A640-8AFA2B09BB8F}] => (Allow) C:\Users\Gn*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5B15CC1B-2576-498E-A5C3-CF627E634C19}] => (Allow) C:\Users\Gn*****\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A8D62C7-36C1-49F5-806E-450C41355897}] => (Allow) C:\Users\Gn*****\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A119D62-B3B6-4779-976F-07FF9E237692}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{C49904E1-714B-47D1-973C-B9ECC834F412}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{31A860DC-9264-44FE-9322-8B35E9565612}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8616A330-54E7-4B6B-8130-F6242D41EB90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2556F9E-27D8-4AE6-AF66-9A57257AC537}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9F19DA25-3C03-4B25-A852-5C98BEC86783}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{05E08E86-32FA-4312-97CF-F8E4BB60302A}] => (Allow) E:\Luxology\modo\701_sp2\modo.exe
FirewallRules: [{EC50B753-A9F3-4183-81E0-C164174A19FB}] => (Allow) E:\Luxology\modo\701_sp2\modo.exe
FirewallRules: [TCP Query User{776530B4-6523-4632-ABEC-E91CBA919747}E:\luxology\modo\701_sp2\modo.exe] => (Block) E:\luxology\modo\701_sp2\modo.exe
FirewallRules: [UDP Query User{2E243218-E465-45FC-B4D8-0D0B43E296AA}E:\luxology\modo\701_sp2\modo.exe] => (Block) E:\luxology\modo\701_sp2\modo.exe
FirewallRules: [TCP Query User{F5A79786-421D-437B-BD41-3688E55AB50A}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common
\assettocorsa\acs.exe
FirewallRules: [UDP Query User{57D1538B-101C-4E2E-8864-B8BE7EE79C0F}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common
\assettocorsa\acs.exe
FirewallRules: [{A4CAD7B4-1AD9-4FC0-83FE-0AA2BC366AED}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{DBB0E75D-C8FF-4AB7-8EA4-8B8229CF99A8}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{606FEF5A-AF81-4C84-9D3A-CD1220A79A80}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C0E5F6E2-9D3F-4AAB-927F-12D9B336E6EF}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{F1005D1E-3171-46EF-A0A4-D8B4896357B3}] => (Allow) F:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E02B6371-7604-4DFF-911D-FC33501A6C96}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common
\assettocorsa\acshowroom.exe
FirewallRules: [UDP Query User{795E19FC-D956-426C-83BD-86D55304C9B0}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common
\assettocorsa\acshowroom.exe
FirewallRules: [{0C68527A-EC3B-4409-87AC-781416318F67}] => (Allow) F:\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{C67B50D8-B6E0-46E8-A0C2-21BD320E741F}] => (Allow) F:\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [TCP Query User{DE9B9F31-1692-4B50-8A2C-459711F0E259}E:\vlc\vlc.exe] => (Allow) E:\vlc\vlc.exe
FirewallRules: [UDP Query User{EA1C13D4-308B-4F3E-A0C6-02E9E7294F37}E:\vlc\vlc.exe] => (Allow) E:\vlc\vlc.exe
FirewallRules: [TCP Query User{5635B7C6-7874-4ABE-968B-8C5E4E710F5D}G:\sierra\homeworld\homeworld.exe] => (Allow) G:\sierra\homeworld\homeworld.exe
FirewallRules: [UDP Query User{E288270F-7B3E-4204-9E63-0A4E0F903E4C}G:\sierra\homeworld\homeworld.exe] => (Allow) G:\sierra\homeworld\homeworld.exe
FirewallRules: [{C42053BD-2DE2-4170-AE1F-3C2EF62B884F}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{989BC131-1F8B-4227-A3CB-0687A9C2F761}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [TCP Query User{55193628-2554-43DE-9273-53CF64B531E5}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1590720A-98BD-423E-806E-F548DC04BA1E}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe
FirewallRules: [{96C790E9-E1DB-4F32-90BC-BD37D5FC718D}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{930CEC4F-3F02-4464-AA91-D28E591E5D5B}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{11EB5CBF-4D12-4764-8C14-3706D521C06F}] => (Allow) F:\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{1EA4F9F8-1B82-4D80-A441-573AC24E9969}] => (Allow) F:\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{94A15276-EA91-45EF-87BE-753A5FFDDC91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{533D84F9-97B8-41E4-A32A-52643EF3808A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{62BFF4F8-AD4A-4BFA-8F5F-C7380BD7553C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E8BCD9BE-EA99-49A9-9F9B-0BD0A660DA19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4E713FDF-0487-409D-898C-5E6E16742354}G:\cod 5\codwawmp.exe] => (Block) G:\cod 5\codwawmp.exe
FirewallRules: [UDP Query User{771081E5-E5FA-4A74-965C-2BFCF99D842E}G:\cod 5\codwawmp.exe] => (Block) G:\cod 5\codwawmp.exe
FirewallRules: [TCP Query User{17B13A5F-9F07-4093-A5FF-FBAFAA7FFD6B}G:\tf2\tf2 lan edition\hl2.exe] => (Block) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [UDP Query User{8D8FE4CC-DDC6-4F14-B50A-24720600599A}G:\tf2\tf2 lan edition\hl2.exe] => (Block) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [{45BE3D13-0056-4D15-83A6-934E2CCFCF16}] => (Allow) E:\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{121D2407-3FC2-4C66-BFF6-001D8195A716}] => (Allow) E:\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [TCP Query User{3F3C1BF5-D053-4BFD-999A-0606729366CB}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-
x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D371ADF8-F3C7-465F-9A96-F828752D2CE5}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-
x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F522DEF9-9261-496D-BB99-44192EF2D5B3}H:\warcraft iii\war3.exe] => (Allow) H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{02C5255A-3A9A-4E89-90B0-414C40FF9D21}H:\warcraft iii\war3.exe] => (Allow) H:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C5FF3445-0A08-47B6-BE2E-DFE40B2A9A5C}H:\left 4 dead 2\left4dead2.exe] => (Block) H:\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{BAFBDB79-7895-41C8-B6ED-B87D38C430E4}H:\left 4 dead 2\left4dead2.exe] => (Block) H:\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{9DEB3C3C-65FB-4C9B-81F4-C04296D27175}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) H:\tom clancy's
rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{A62F7852-9A8D-4831-86A2-710C037C778D}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) H:\tom clancy's
rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{129BE3BB-BED6-4C5C-995E-3538A88CF2FC}] => (Allow) F:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{C7C13F38-D992-45C9-B16B-422969673B2C}] => (Allow) F:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{F1430781-0C61-479D-A7DE-C6478CFEF83C}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS.exe
FirewallRules: [{7706DF69-D09B-450E-8953-921F97FA7F71}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS.exe
FirewallRules: [{B8E4EFEA-C3E3-4DFF-A8BE-13EC7427DE7F}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Dedicated.exe
FirewallRules: [{D8DC94E3-01FC-4AB6-90F7-58F4FF9873F2}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Dedicated.exe
FirewallRules: [{4DB47EF5-8FEB-4EB9-A390-30A9787D760D}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Config.exe
FirewallRules: [{0F97988E-46B7-493E-90F1-52134C8382FD}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Config.exe
FirewallRules: [{E1743A0C-CB7F-4CE7-816C-80A4B9D0A75E}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS.exe
FirewallRules: [{3CF37731-1818-4031-BD0F-6F64736A21F9}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS.exe
FirewallRules: [{CB33D222-7289-4128-8E0D-DB258C83B8C7}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Config.exe
FirewallRules: [{2BFFF923-192C-49BB-8FE7-21DCF8FE3C4E}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Config.exe
FirewallRules: [{8098B2BF-E1DE-451B-AAC6-2AE931F27FF0}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Dedicated.exe
FirewallRules: [{62A1C4AB-1B29-499B-89F8-EF388D76ECDE}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Dedicated.exe
FirewallRules: [{05FBB345-4311-4633-83C7-95E45A4C5F32}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{5DF2A42E-E5A2-49D5-B547-7CE2904CE823}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{2889A2C1-6CBC-4752-8F0F-37BE0888BB5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A01E5043-B03E-42F2-AE1B-4D651CB3276A}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6ED83AE2-CF5B-4491-9B59-9629ED5C6606}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{41AA060D-C933-401E-820B-2535BDCEF019}] => (Allow) H:\Steam\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{89132D40-225A-444E-AAFA-5D428745FC4F}] => (Allow) H:\Steam\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [TCP Query User{E1DB7630-CB5A-41C2-BC20-2A1A6F43C8E2}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-
x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8ADDF18D-583D-4E4D-8518-13A26CD8723A}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-
x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0C588CEA-0D94-4080-B0D3-81F33BB366FE}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java
\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{A9BE1B03-CD7D-4E53-BCA8-0EC6E1F85EF2}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java
\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C50CAAE7-CD38-421C-A11C-1D7A316B6086}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [UDP Query User{171CEBA3-D364-40F2-B623-21A7223E0FC4}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [TCP Query User{9F4D9389-5728-492C-95DA-D9101BCB55DC}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [UDP Query User{25D0F19C-939A-4E67-BCE8-583010D06AE9}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [TCP Query User{1D48DCB4-77D1-4DF1-9EC9-166F8306EB23}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) H:\tom clancy's
rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{399B1562-E1E3-4561-926A-190183636942}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) H:\tom clancy's
rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{F3FD1533-720A-4FAD-8AAA-BD5E85EC2025}H:\killingfloor 1\system\killingfloor.exe] => (Allow) H:\killingfloor 1\system
\killingfloor.exe
FirewallRules: [UDP Query User{7D04470C-CF1A-4DB5-BBF6-3CAE99616F8C}H:\killingfloor 1\system\killingfloor.exe] => (Allow) H:\killingfloor 1\system
\killingfloor.exe
FirewallRules: [TCP Query User{A95577B3-2D86-48D3-ABAB-A5F9E670FB02}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [UDP Query User{B318CBBC-9C3D-4252-AF3A-6546348ECA6F}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [TCP Query User{A5A1310A-D9C0-4342-A951-8EF3A2739DF1}G:\tf2\tf2 lan edition\hl2.exe] => (Allow) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [UDP Query User{1551C3FD-DD88-49EF-9FD8-63B976A77982}G:\tf2\tf2 lan edition\hl2.exe] => (Allow) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [TCP Query User{EDECED75-6AA3-4D79-8F71-40F855939053}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [UDP Query User{4616A99A-FE22-4824-8ED4-DE9441C6760A}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [TCP Query User{BF6E3206-E828-4972-B115-8797016230EB}G:\cod 5\codwawmp.exe] => (Allow) G:\cod 5\codwawmp.exe
FirewallRules: [UDP Query User{533EDC38-0EE5-4952-A1C8-F54CCBAE9A70}G:\cod 5\codwawmp.exe] => (Allow) G:\cod 5\codwawmp.exe
FirewallRules: [TCP Query User{1672E9FC-A92A-4557-9275-733583316AAD}H:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) H:\killing floor 2\binaries
\win64\kfgame.exe
FirewallRules: [UDP Query User{5439EF92-1817-4554-A312-BFE385D192B0}H:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) H:\killing floor 2\binaries
\win64\kfgame.exe
FirewallRules: [{175844F9-1D95-45A7-8E9C-27B011CDDE38}] => (Allow) H:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C817703A-B3C1-493E-9173-3B162B30A819}] => (Allow) H:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0FB27A19-6D1F-4EA3-859D-B3FFB7F531D9}H:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) H:\steam\steamapps\common
\assettocorsa\acs.exe
FirewallRules: [UDP Query User{F59BF70E-316B-4304-B05B-4BBD16D70F81}H:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) H:\steam\steamapps\common
\assettocorsa\acs.exe
FirewallRules: [{45F8F6F3-38E7-4AF6-933A-CE32ACA20F67}] => (Allow) H:\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{7899DB83-533E-4046-9A54-E19060E18881}] => (Allow) H:\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{7DBB8CAF-0D77-429A-BFF3-CED817171D43}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{590F34E7-3A5F-44BF-8EF4-71E88B27142F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{907528BB-37C5-48B5-A18C-327138C619A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E65F440A-F4DD-4FAE-ADF8-0FF9AB77F532}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6FC0C7B5-7255-4AEA-A91B-4E053461954E}] => (Allow) L:\SteamLibrary\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{95A57ACB-BAC3-49A2-B3F8-55976EBA8B1A}] => (Allow) L:\SteamLibrary\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{C6D0B454-542C-4B61-9A96-653B3709DCCE}] => (Allow) L:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C8C2ADE0-C480-45DD-AD72-16B2D8C017DE}] => (Allow) L:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{22B725F4-0257-4385-BEEA-D9A4D93F42B9}] => (Allow) L:\SteamLibrary\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{3DB608E6-7E26-4F2E-8EFB-9AA083C42ADD}] => (Allow) L:\SteamLibrary\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{378C2C08-7B08-4267-9330-6B2B3D4233E6}] => (Allow) F:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{FA8AFE8A-D8C4-49A3-8B85-8CE0F51A7F16}] => (Allow) F:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C98B13C1-811E-464B-B1C7-7AC4661EF64F}] => (Allow) F:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D21EDF57-0C04-492D-99EE-FA4D9F48C6C7}] => (Allow) F:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{E010852E-1A03-4101-BE76-9639B03EF393}L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) L:\steamlibrary
\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [UDP Query User{713AE10E-A629-4C0E-A2DD-431E3CC918F7}L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) L:\steamlibrary
\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [{1836A596-3F4F-49FC-A6C8-032B2C7439AD}] => (Allow) F:\Steam\SteamApps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{2DF1CABB-722E-4C01-BC24-B17710121DDB}] => (Allow) F:\Steam\SteamApps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [TCP Query User{9BE2E7AE-8C84-442A-9317-33B7595F8327}F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) F:\steam\steamapps\common
\rfactor 2\bin64\rfactor2.exe
FirewallRules: [UDP Query User{90315690-86BF-4E98-8CF0-07CF99787E2F}F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) F:\steam\steamapps\common
\rfactor 2\bin64\rfactor2.exe
FirewallRules: [{ED8BD539-3195-486E-8C25-B7F880E86140}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\SeasonTool\SeasonTool.exe
FirewallRules: [{62073AD5-EA48-4CBD-B1FA-5A361CDC6FE9}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\SeasonTool\SeasonTool.exe
FirewallRules: [{450F5957-281F-4EB5-927E-DCBDA3621024}] => (Allow) F:\Steam\SteamApps\common\Automobilista\SeasonTool\SeasonTool.exe
FirewallRules: [{A822ECA3-14DC-456C-9D77-F2574D3CAE87}] => (Allow) F:\Steam\SteamApps\common\Automobilista\SeasonTool\SeasonTool.exe
FirewallRules: [TCP Query User{3EC583F6-A91D-469E-9BB0-A5EED3137E57}L:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) L:\steamlibrary\steamapps
\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{E62596F4-FD2C-4A19-B7AA-26348B6E4459}L:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) L:\steamlibrary\steamapps
\common\assettocorsa\acs.exe
FirewallRules: [{28AD0A46-13E8-44F9-BEDE-11A3D9A08993}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{703A5FCC-AE0F-4810-89E6-2226EA54CDBB}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{D78F562B-96F1-489A-8571-DDD85B6E2B4F}] => (Allow) F:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{F9A3625A-CF45-4E7B-946C-483AC22B00F4}] => (Allow) F:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
18-07-2017 18:42:41 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft Loopbackadapter
Description: Microsoft Loopbackadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/23/2017 12:31:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "e:\CCleaner\CCleaner.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (07/23/2017 12:23:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname WG-260.local already in use; will try WG-284.local instead
Error: (07/23/2017 12:23:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 WG-260.local. Addr 192.168.178.10
Error: (07/23/2017 12:23:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.10:5353 16 WG-260.local. AAAA 2003:00EE:E3C6:D800:397E:8CDB:D3E6:4322
Error: (07/23/2017 12:23:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 WG-260.local. AAAA FE80:0000:0000:0000:397E:8CDB:D3E6:4322
Error: (07/23/2017 12:23:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.10:5353 16 WG-260.local. AAAA 2003:00EE:E3C6:D800:397E:8CDB:D3E6:4322
Error: (07/23/2017 12:23:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing: 4 WG-260.local. Addr 192.168.178.10
Error: (07/23/2017 12:23:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001748930 Our Record 1 won: 84E8A98E 16 WG-260.local. AAAA FE80:0000:0000:0000:397E:8CDB:D3E6:4322
Error: (07/23/2017 12:23:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001748930 Pkt Record: 20C0A8B4 16 WG-260.local. AAAA 2003:00EE:E3C6:D800:397E:8CDB:D3E6:4322
Error: (07/23/2017 12:23:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001748930 Our Record 1 lost: 0035BA50 4 WG-260.local. Addr 192.168.178.10
Systemfehler:
=============
Error: (07/23/2017 12:21:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/23/2017 12:21:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (07/23/2017 12:20:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost
(unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/23/2017 12:20:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost
(unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/22/2017 11:03:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/22/2017 11:03:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (07/22/2017 11:02:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost
(unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/22/2017 11:02:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost
(unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/21/2017 06:19:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/21/2017 06:19:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
CodeIntegrity:
===================================
Date: 2017-07-23 12:29:23.661
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-23 12:20:54.563
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-22 11:02:54.004
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-21 18:19:34.837
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-20 18:25:56.073
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-19 18:53:00.356
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-19 18:24:21.482
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-19 18:01:20.174
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-18 18:37:20.895
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-17 23:19:01.261
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener
Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 16339.18 MB
Verfügbarer physikalischer RAM: 12332.33 MB
Summe virtueller Speicher: 18385.36 MB
Verfügbarer virtueller Speicher: 13948.41 MB
==================== Laufwerke ================================
Drive c: (Windows 7) (Fixed) (Total:107.24 GB) (Free:53.15 GB) NTFS
Drive e: (Programme) (Fixed) (Total:97.66 GB) (Free:62.16 GB) NTFS
Drive f: (FunPlace) (Fixed) (Total:341.8 GB) (Free:75.92 GB) NTFS
Drive g: (Diverse) (Fixed) (Total:492.06 GB) (Free:154.52 GB) NTFS
Drive k: (Diverse) (Fixed) (Total:128.9 GB) (Free:91.14 GB) NTFS
Drive l: (StorageNew) (Fixed) (Total:103.98 GB) (Free:24.8 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8E44248D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F1FA884D)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 0ADD0ADD)
Partition 1: (Not Active) - (Size=128.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.07.2017, 13:51
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | LavasoftTCPService.dll - Web Companion Komponente eingefangenZitat:
Gewerblich genutzter Rechner oder gibt es einen anderen dafür, dass auf deinen (privaten?) PC solche Programme drauf sind?
__________________ |
|
23.07.2017, 14:05
| #4 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Nein der ist nicht gewerblich genutzt, ist mein privater Rechner. Die CAD Software Komponenten sind noch aus meinem letzten Job und müssten Überreste sein von der Autodesk Product Design Suite. Bei gewerblich genutzten Autodesk Programmen gibt es die Möglichkeit Lizenzen für den privaten Gebrauch zu beantragen. Das hatte ich damals auf dem Rechner um auch zuhause was machen zu können. Lizenzen laufen aber immer nach 12 Monaten aus. Die Navisworks Komponente ist damals bei der Deinstallation fehlgeschlagen. Genauso die Office Enterprise Suite ist noch von damals. Windows 7 Professional hab ich so gekauft als OEM Version. Beste Grüße |
|
23.07.2017, 14:37
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LavasoftTCPService.dll - Web Companion Komponente eingefangen Dann versteh ich aber immer noch nicht, warum der alte Arbeitgeber dir auf privatem Kram seine Bürosoftware installieren musste... Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
23.07.2017, 16:39
| #6 | |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangenZitat:
 Mbar Logfile nach erstem Scan: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.07.23.03
rootkit: v2017.05.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18738
Gnartsch :: WG-260 [administrator]
23.07.2017 16:54:47
mbar-log-2017-07-23 (16-54-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 372990
Time elapsed: 13 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TBDELTA.EXETOOLBAR783881609.EXE (RiskWare.IFEOHijack) -> Delete on reboot. [e7c80564f9b0a78f412a28edf10fd030]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TBDELTA.EXETOOLBAR783881609.EXE (RiskWare.IFEOHijack) -> Delete on reboot. [efc089e0fdacb87ecaa1ee2726da9769]
Registry Values Detected: 2
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\tbdelta.exetoolbar783881609.exe|debugger (RiskWare.IFEOHijack) -> Data: tasklist.exe -> Delete on reboot. [e7c80564f9b0a78f412a28edf10fd030]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\tbdelta.exetoolbar783881609.exe|debugger (RiskWare.IFEOHijack) -> Data: tasklist.exe -> Delete on reboot. [efc089e0fdacb87ecaa1ee2726da9769]
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.07.23.03
rootkit: v2017.05.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18738
Gnartsch :: WG-260 [administrator]
23.07.2017 17:16:27
mbar-log-2017-07-23 (17-16-27).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 371431
Time elapsed: 14 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
 Kann ich die beiden Dateien im Verzeichnis C:\Windows\SysWOW64\ LavasoftTcpService.dll LavasoftTcpServiceOff.ini manuell löschen? Mich beschleicht das Gefühl, dass der IE mir die Tür sperrangelweit offen lässt für Bedrohungen. Ich benutze sowieso nur Firefox. Steam meckert mir aber immer noch die Lavasoft Komponenten an. "Eine inkompatible Version von LavasoftTCPService.dll (in Bezug zu Lavasoft Web Companion) wurde innerhalb des Steam-Prozesses erkannt. Wir empfehlen, diese Software zu aktualisieren oder zu entfernen, wenn es beim Ausführen von Steam oder einzelnen Spielen zu Abstürzen oder Netzverzögerungen kommt." Geändert von Scarealemon (23.07.2017 um 16:46 Uhr) |
|
23.07.2017, 23:07
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LavasoftTCPService.dll - Web Companion Komponente eingefangen Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner v7 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.07.2017, 18:02
| #8 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Hi, da bin ich wieder. Hier das Logfile von AdwCleaner: Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 24 16:34:16 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
***** [ Files ] *****
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [4483 B] - [2017/7/24 16:2:41]
C:/AdwCleaner/AdwCleaner[C1].txt - [1650 B] - [2017/7/24 16:26:39]
C:/AdwCleaner/AdwCleaner[S0].txt - [4718 B] - [2017/7/24 16:1:8]
C:/AdwCleaner/AdwCleaner[S1].txt - [1433 B] - [2017/7/24 16:23:44]
C:/AdwCleaner/AdwCleaner[S2].txt - [1404 B] - [2017/7/24 16:30:7]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
nicht komplett löschen. Logfile von JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64
Ran by Gn****** (Administrator) on 24.07.2017 at 18:49:02,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 30
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IN5L4MZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C02OINV7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DBLVGIUG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7W9N358 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJC165HY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HBVUPBWT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2UB2V18 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSFTDNLZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN8GBKHP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N49E2ZYS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5M97ZD7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFE9R2RU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QIVBNQO1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T240YKC2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Gn******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJ5H8KZQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IN5L4MZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C02OINV7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DBLVGIUG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7W9N358 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJC165HY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HBVUPBWT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2UB2V18 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSFTDNLZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN8GBKHP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N49E2ZYS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5M97ZD7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFE9R2RU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QIVBNQO1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T240YKC2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJ5H8KZQ (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.07.2017 at 18:49:41,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
24.07.2017, 21:08
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LavasoftTCPService.dll - Web Companion Komponente eingefangen Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.07.2017, 21:40
| #10 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen FRST Log: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von Gn****** (Administrator) auf WG-260 (24-07-2017 22:35:48)
Gestartet von C:\Users\Gn******\Downloads\FRST
Geladene Profile: Gn****** & Administrator (Verfügbare Profile: Gn****** & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Nero AG) E:\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() E:\MSI Afterburner\MSIAfterburner.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDTray.exe
(Piriform Ltd) E:\CCleaner\CCleaner64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() E:\HTC\HTC Sync Manager\HTC Sync\adb.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) E:\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() E:\RivaTuner Statistics Server\RTSS.exe
() E:\RivaTuner Statistics Server\EncoderServer64.exe
() E:\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21]
(Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-
3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH &
Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => E:\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [CCleaner Monitoring] => E:\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy
\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [Spybot-S&D Cleaning] => E:\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-
Networking Ltd.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Policies\Explorer: []
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: H - H:\AUTORUN.EXE
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {611a43f2-4ce1-11e2-b2c5-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {660695fb-3f74-11e2-8d9d-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {7176c1a5-4047-11e2-a158-c86000e22cc1} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e0857a-56a5-11e2-b1d9-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e08595-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085a7-56a5-11e2-b1d9-c86000e22cc1} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085bc-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {87994de8-3b45-11e3-9e56-c86000e22cc1} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cafc-3e4a-11e2-9d19-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb0c-3e4a-11e2-9d19-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb41-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb83-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {97b2a9f8-58f0-11e2-ab2c-94dbc940e75f} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {d64e0e01-407f-11e2-a01c-94dbc940e75f} - L:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {e392c4ec-a8bd-11e5-abb3-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f1871499-2a06-11e5-97ea-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f3950a4f-57ee-11e2-b622-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft
Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag
handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Internet Explorer:
==================
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q=
{searchTerms}
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle
Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge
GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default [2017-07-24]
FF NewTab: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF NetworkProxy: Mozilla\Firefox\Profiles\63ip853m.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\abs@avira.com.xpi [2017-07-17]
FF Extension: (MEGA) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\firefox@mega.co.nz.xpi [2017-07-12]
FF Extension: (Adblock Plus) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017-06-07]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-19] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[2012-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-13] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2012-05-18] (ASUSTeK Computer Inc.) [Datei
ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2016-12-02] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-04-18] (EasyAntiCheat Ltd)
S3 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [284224 2016-11-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-22] (GOG.com)
R2 HTCMonitorService; E:\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht
signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2147216 2017-05-03] (Electronic Arts)
S2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3116440 2017-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-04-18] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SDScannerService; E:\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; E:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; E:\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 DFX11_0; C:\Windows\System32\drivers\dfx11_0x64.sys [28008 2012-08-16] (Windows (R) Win 7 DDK provider)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [216576 2009-09-04] (Huawei Technologies Co., Ltd.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2013-01-13] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 RTCore64; E:\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 WinRing0_1_2_0; C:\Users\Gn******\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2012-08-17] (OpenLibSys.org)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-24 18:09 - 2017-07-24 18:49 - 00005523 _____ C:\Users\Gn******\Desktop\JRT.txt
2017-07-24 18:07 - 2017-07-24 18:56 - 00000000 ____D C:\Users\Gn******\Downloads\JRT
2017-07-24 17:58 - 2017-07-24 18:34 - 00000000 ____D C:\AdwCleaner
2017-07-24 17:58 - 2017-07-24 17:58 - 00000000 ____D C:\Users\Gn******\Downloads\adwcleaner
2017-07-23 16:51 - 2017-07-23 16:52 - 00000000 ____D C:\Users\Gn******\Downloads\mbar
2017-07-23 16:45 - 2017-07-23 16:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Gn******\Downloads\mbar-1.09.3.1001.exe
2017-07-23 12:30 - 2017-07-24 22:35 - 00000000 ____D C:\FRST
2017-07-17 19:30 - 2017-07-17 19:30 - 00863744 _____ (Farbar) C:\Windows\mod_frst.exe
2017-07-16 15:00 - 2017-07-24 22:35 - 00000000 ____D C:\Users\Gn******\Downloads\FRST
2017-07-13 20:57 - 2017-07-13 20:57 - 00195541 _____ C:\Users\Gn******\Downloads\20170713_Vergleichsrechnung.pdf
2017-07-12 18:59 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-12 18:59 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-12 18:59 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 18:59 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-12 18:59 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-12 18:59 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-12 18:59 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-12 18:59 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 18:59 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-12 18:59 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-12 18:59 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-12 18:59 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-12 18:59 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 18:59 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-12 18:59 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-12 18:59 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-12 18:59 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 18:59 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-12 18:59 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 18:59 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 18:59 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 18:59 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-12 18:59 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 18:59 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 18:59 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-12 18:59 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 18:59 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 18:59 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 18:59 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 18:59 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 18:59 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 18:59 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-12 18:59 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-12 18:59 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 18:59 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-12 18:59 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-12 18:58 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 18:58 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 18:58 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-08 13:29 - 2017-07-08 13:29 - 00268579 _____ C:\Users\Gn******\Downloads\0408_ttc_18tfsi_118.pdf
2017-07-08 13:24 - 2017-07-08 13:24 - 00118330 _____ C:\Users\Gn******\Downloads\step_50400_50700.pdf
2017-07-08 13:22 - 2017-07-08 13:22 - 01646397 _____ C:\Users\Gn******\Downloads\ams0715_058_2.pdf
2017-07-08 13:20 - 2017-07-08 13:20 - 00171395 _____ C:\Users\Gn******\Downloads\step_50200_50500.pdf
2017-07-08 12:21 - 2017-07-08 12:21 - 00129100 _____ C:\Users\Gn******\Downloads\LM_AN_INFO_0104_D_Bremsenquietschen.pdf
2017-07-02 12:58 - 2017-07-02 12:58 - 00035802 _____ C:\Users\Gn******\Downloads\Kontoauszug_700786587600_2017-07-01_0627.pdf
2017-07-02 12:57 - 2017-07-02 12:57 - 00021035 _____ C:\Users\Gn******\Downloads\Abrechnung_700786587600_2017-07-01_1011.pdf
2017-07-01 17:09 - 2017-07-01 17:09 - 01167932 _____ C:\Users\Gn******\Downloads\Kaufvertrag-WAUZZZ8V8GA088893.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-24 20:07 - 2013-10-16 21:05 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\uTorrent
2017-07-24 19:24 - 2014-12-02 20:05 - 00022528 _____ C:\Users\Gn******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-24 19:13 - 2011-04-12 09:43 - 00702964 _____ C:\Windows\system32\perfh007.dat
2017-07-24 19:13 - 2011-04-12 09:43 - 00150604 _____ C:\Windows\system32\perfc007.dat
2017-07-24 19:13 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-24 19:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-24 19:12 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-24 19:12 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-24 19:07 - 2016-09-04 21:36 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-24 19:06 - 2016-11-22 20:02 - 00000000 ____D C:\Users\Gn******\AppData\LocalLow\Mozilla
2017-07-24 19:04 - 2013-10-22 23:42 - 00000000 ____D C:\Users\Gn******\AppData\Local\HTC MediaHub
2017-07-24 19:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-24 18:50 - 2012-09-08 13:30 - 00000000 ____D C:\Temp
2017-07-24 18:46 - 2015-07-23 02:34 - 00002984 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-07-24 18:17 - 2016-11-10 19:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-07-24 07:24 - 2013-11-06 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-07-23 17:15 - 2014-10-03 12:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-23 17:15 - 2014-10-03 12:38 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-07-23 17:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2017-07-19 18:38 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Gn******\Downloads\hjt
2017-07-17 21:40 - 2012-08-21 20:15 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\vlc
2017-07-14 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-07-13 21:38 - 2013-04-25 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-13 19:27 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-13 19:27 - 2009-07-14 06:45 - 00466296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-12 23:02 - 2014-12-09 21:30 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 22:40 - 2015-11-01 16:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 19:01 - 2013-07-11 17:37 - 00000000 ____D C:\Windows\system32\MRT
2017-07-12 19:00 - 2012-08-16 23:34 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-11 18:01 - 2013-11-28 22:27 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-01 21:01 - 2013-01-18 09:42 - 00000000 ____D C:\Windows\Minidump
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-02 20:05 - 2017-07-24 19:24 - 0022528 _____ () C:\Users\Gn******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-07 19:23 - 2015-04-25 12:31 - 1065984 _____ () C:\Users\Gn******\AppData\Local\file__0.localstorage
2013-12-08 22:17 - 2013-12-08 22:17 - 0003072 _____ () C:\Users\Gn******\AppData\Local\http_www.youtube.com_0.localstorage
2012-08-21 01:09 - 2016-11-06 16:15 - 0007610 _____ () C:\Users\Gn******\AppData\Local\Resmon.ResmonCfg
2016-12-31 13:50 - 2016-12-31 13:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-18 01:45 - 2012-08-18 01:46 - 0000498 _____ () C:\ProgramData\Gpu.log
2012-09-08 13:28 - 2012-09-08 13:28 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-01-05 13:15 - 2017-04-15 15:08 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-05 13:15 - 2017-04-15 01:36 - 0005504 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Einige Dateien in TEMP:
====================
2015-02-07 14:48 - 2015-02-07 14:48 - 0000000 ____D () C:\Users\Administrator.WG-260\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-22 11:44
==================== Ende von FRST.txt ============================
|
|
24.07.2017, 21:41
| #11 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Addition Log FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von Gn****** (24-07-2017 22:36:02)
Gestartet von C:\Users\Gn******\Downloads\FRST
Windows 7 Professional Service Pack 1 (X64) (2012-08-16 20:57:26)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-386634515-4225027544-3189603330-500 - Administrator - Enabled) => C:\Users\Administrator.WG-260
Gast (S-1-5-21-386634515-4225027544-3189603330-501 - Limited - Disabled)
Gn****** (S-1-5-21-386634515-4225027544-3189603330-1000 - Administrator - Enabled) => C:\Users\Gn******
HomeGroupUser$ (S-1-5-21-386634515-4225027544-3189603330-1003 - Limited - Enabled)
lan (S-1-5-21-386634515-4225027544-3189603330-1005 - Limited - Disabled)
Vybz (S-1-5-21-386634515-4225027544-3189603330-1004 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.04.04 - ASUSTeK Computer Inc.)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Assetto Corsa (HKLM\...\Steam App 244210) (Version: - Kunos Simulazioni)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni)
Autodesk Navisworks 2013 64 bit Exporter Plug-ins (HKLM\...\{DE7FFE23-D092-5379-B83C-0E27FF07E329}) (Version: 10.0.840.82 - Autodesk) Hidden
Autodesk Navisworks 2013 64 bit Exporter Plug-ins (HKLM\...\Autodesk Navisworks 2013 64 bit Exporter Plug-ins) (Version: 10.0.840.82 - Autodesk)
Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack - Deutsch (HKLM\...\{907A3175-B78E-0407-A98B-0A97BDE8A59C}) (Version: 10.0.831.95 - Autodesk) Hidden
Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack - Deutsch (HKLM\...\Autodesk Navisworks 2013 64-Bit-Exportmodul-Plugins Language Pack - Deutsch) (Version: 10.0.831.95 - Autodesk)
Automobilista (HKLM-x32\...\Steam App 431600) (Version: - Reiza Studios)
Automobilista Beta (HKLM-x32\...\Steam App 388990) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Batman: Arkham City™ (HKLM-x32\...\{57520FA0-A73E-4165-BCA2-D71000038301}) (Version: 1.0.0003.131 - WB Games) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CAD Loader (HKLM-x32\...\CDLKit) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CrewChiefV4 (HKLM-x32\...\{18A1E8CC-8D11-4364-8BCA-459DB119AB0D}) (Version: 4.6.4.9 - Britton IT Ltd)
Dropbox (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
For Honor (HKLM\...\Steam App 304390) (Version: - Ubisoft Montreal)
G4E (HKLM-x32\...\{A700F154-3C6E-9572-3E7B-B1730FDA27AD}) (Version: 1.8 - Netdiffusion Limited) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.8 - Netdiffusion Limited)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Homeworld (HKLM-x32\...\Homeworld) (Version: - )
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.64.0 - HTC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Killing Floor 2 Digital Deluxe Edition MULTi2 1.0 (HKLM-x32\...\Killing Floor 2 Digital Deluxe Edition MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Luxology modo 701_sp2 64-bit build 61434 (HKLM-x32\...\701_sp2_64) (Version: - )
MechWarrior Online (HKLM-x32\...\{F8511A0F-D91D-4E3D-A59C-3CA8FB8EAFE8}) (Version: 1.2.0.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.4.4169.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
modo 701 content (HKLM-x32\...\modo701_Content) (Version: - )
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Firefox 54.0.1 (x86 de) (HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{373FD974-6F3C-4946-99BA-B9E6E2608DE2}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{5FF218A5-86BC-420A-A44A-66EA7C234068}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{A8104CED-8954-4311-9894-FC1E0FDE3ACB}) (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.4 - Power Software Ltd)
Project CARS (HKLM-x32\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - Sector3 Studios)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
rFactor 2 (HKLM\...\Steam App 365960) (Version: - Studio 397)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TF2 lan edition (HKLM-x32\...\TF2 lan edition) (Version: - )
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (HKLM-x32\...\{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{01971695-16C8-4886-9742-ADC79A269444}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> E:\Autodesk\AutoCAD Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6E1B07CC-8C0F-46F1-B993-FA20D1C368C3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> E:\Autodesk\AutoCAD Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> E:\Autodesk\AutoCAD Mechanical 2012\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> E:\Autodesk\AutoCAD Mechanical 2012\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DEF63C56-2AB9-4284-A400-CDD81AED639E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-386634515-4225027544-3189603330-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers01: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2015-10-19] (pdfforge GmbH)
ContextMenuHandlers01: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers01: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers01: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => E:\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei
ContextMenuHandlers04: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-26] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers06: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => E:\PowerISO\PWRISOSH.DLL [2012-08-17] (Power Software Ltd)
ContextMenuHandlers06: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers06: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => E:\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei
ContextMenuHandlers6_.DEFAULT: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> Keine Datei
ContextMenuHandlers1_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-386634515-4225027544-3189603330-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gn******\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-386634515-4225027544-3189603330-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02A23F7E-D115-4CFE-BC88-16FF6BF469E3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {0B5B5F2D-AF91-49D2-8D49-BE03692995A3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {17FBE060-3E42-454A-B3B0-1C1CD6B79304} - System32\Tasks\SamsungMagician => E:\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {1DBA3E92-4A8B-4803-9E6C-6F7E9235E7A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {202BFEC4-0F7B-4EBF-81A1-0B0AC99D4108} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => E:\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {26A32B09-291F-426F-981F-1ACA2DA5106E} - System32\Tasks\CCleanerSkipUAC => E:\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {426BC857-EB3C-44F2-B180-51C1FE1FF8B0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {465AEF5B-E50C-4F7E-A234-DD32120D28EF} - System32\Tasks\MSIAfterburner => E:\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {53D10CDF-4AE2-4CF1-92A8-658F0CC589DA} - System32\Tasks\{87A7183B-CBA3-40C2-BDD1-CB7961B16DFA} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn******\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {54F2D8FD-3856-42E2-AD79-867BC90CF111} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {5856CF62-7BB4-4351-A9AD-471CA6F43DF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {63CC8441-8BA9-4C10-83AB-D750CBEFF045} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => E:\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {776F4982-9A7D-4A9C-9BD8-D06D7EA74A40} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {8A1D861D-DE98-43BF-8CE3-6A88BB52B204} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {8F917E2C-5814-4770-957D-BC991EFEECBD} - System32\Tasks\{D3CF6318-E097-4075-8E76-A04606C4ED57} => "e:\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.6.64.103/de/abandoninstall?page=tsProgressBar
Task: {98B7BA9B-70AD-4B49-B4AE-4B3886986159} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {B312C95A-90DC-4052-84C7-29A135B33115} - System32\Tasks\{C25B44FD-4EE0-4298-B2F8-CA4C94F57F13} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn******\Downloads\Huawei_WindowsDriver(3.05.00.00)\DriverSetup.exe -d C:\Users\Gn******\Downloads\Huawei_WindowsDriver(3.05.00.00)
Task: {C452C5D5-20BD-4F9B-A5AE-704232B894F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => E:\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C5B7E1C6-97E8-42B7-8602-8397093BDE41} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {C87A6F46-97A8-44EC-8498-8CB574DBF263} - System32\Tasks\{1AD5778D-B9CF-49F4-BCA4-988C5081CA3A} => C:\Windows\system32\pcalua.exe -a "H:\Killing Floor 2\Uninstall.exe"
Task: {D3FD010F-BAB8-409C-807B-99BA9E787B4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {F43EA08C-1AD1-4552-84E4-075436ADDD0B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {FD5794BA-C746-4B05-958A-AACFB7F41192} - System32\Tasks\{3520D453-BC23-4BB5-BF74-5BE957B9B13E} => C:\Windows\system32\pcalua.exe -a C:\Users\Gn******\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-08-22 12:54 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-09-11 17:12 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00402432 _____ () E:\RivaTuner Statistics Server\RTSSHooks64.dll
2015-10-12 21:01 - 2014-12-06 09:03 - 00565760 _____ () E:\MSI Afterburner\MSIAfterburner.exe
2015-10-12 20:55 - 2014-12-13 00:24 - 00047104 _____ () E:\CCleaner\lang\lang-1031.dll
2015-11-24 17:12 - 2015-11-24 17:12 - 00821240 _____ () E:\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2017-04-18 00:44 - 2017-04-18 01:07 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00197632 _____ () E:\RivaTuner Statistics Server\RTSS.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00031232 _____ () E:\RivaTuner Statistics Server\EncoderServer64.exe
2015-10-12 21:02 - 2014-11-09 13:37 - 00088576 _____ () E:\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2017-05-14 12:45 - 2017-05-03 22:20 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-14 12:45 - 2017-05-03 22:20 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-22 12:54 - 2017-07-24 19:04 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-08-22 12:54 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-05-27 13:42 - 2014-05-27 13:42 - 00031080 _____ () E:\HTC\HTC Sync Manager\DbAccess.dll
2015-11-24 17:02 - 2015-11-24 17:02 - 00604288 _____ () E:\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 13:43 - 2014-05-27 13:43 - 00059752 _____ () E:\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 13:42 - 2014-05-27 13:42 - 00036216 _____ () E:\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 13:43 - 2014-05-27 13:43 - 00080248 _____ () E:\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 13:44 - 2014-05-27 13:44 - 00129376 _____ () E:\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 13:45 - 2014-05-27 13:45 - 00223592 _____ () E:\HTC\HTC Sync Manager\DevConnMon.dll
2016-09-11 17:12 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00356864 _____ () E:\RivaTuner Statistics Server\RTSSHooks.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00071680 _____ () E:\MSI Afterburner\RTMUI.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00056832 _____ () E:\MSI Afterburner\RTFC.dll
2015-10-12 21:01 - 2014-12-06 09:02 - 00217600 _____ () E:\MSI Afterburner\RTCore.dll
2015-10-12 21:01 - 2014-12-06 09:01 - 00353792 _____ () E:\MSI Afterburner\RTUI.dll
2015-10-12 21:01 - 2014-12-06 09:02 - 00649216 _____ () E:\MSI Afterburner\RTHAL.dll
2017-01-16 13:40 - 2017-01-16 13:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-11-10 19:15 - 2014-05-13 13:04 - 00109400 _____ () E:\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-11-10 19:15 - 2014-05-13 13:04 - 00416600 _____ () E:\Spybot - Search & Destroy 2\DEC150.bpl
2016-11-10 19:15 - 2014-05-13 13:04 - 00167768 _____ () E:\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-08-22 12:54 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-08-22 12:54 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-08-22 12:55 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-08-22 12:54 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-08-22 12:56 - 2012-07-03 10:58 - 01124352 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2012-08-22 12:54 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-08-22 12:54 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-08-22 12:54 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-08-22 12:54 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-08-22 12:54 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-08-18 01:41 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-08-22 12:54 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-08-22 12:54 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2016-11-10 19:15 - 2012-08-23 11:38 - 00574840 _____ () E:\Spybot - Search & Destroy 2\sqlite3.dll
2016-11-10 19:15 - 2012-04-03 18:06 - 00565640 _____ () E:\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00056832 _____ () E:\RivaTuner Statistics Server\RTFC.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00353792 _____ () E:\RivaTuner Statistics Server\RTUI.dll
2015-10-12 21:02 - 2014-11-09 13:37 - 00071680 _____ () E:\RivaTuner Statistics Server\RTMUI.dll
2012-08-22 12:56 - 2012-07-02 14:57 - 00151552 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2012-08-22 12:56 - 2012-05-10 16:38 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2012-08-22 12:56 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [116]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******\Anwendungsdaten:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn******\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn******\Lokale Einstellungen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******\AppData\Roaming:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn******\AppData\Local\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\Users\Gn******\AppData\Local\Verlauf:gs5sys [2048]
AlternateDataStreams: C:\Users\Gn******\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7916 mehr Seiten.
IE trusted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7916 mehr Seiten.
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-386634515-4225027544-3189603330-500\...\123simsen.com -> www.123simsen.com
Da befinden sich 7916 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-03-22 01:54 - 00453364 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15560 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gn******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-386634515-4225027544-3189603330-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator.WG-260\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: mi-raysat_3dsmax2013_64 => 2
MSCONFIG\startupfolder: C:^Users^Gn******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Gn******\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS WiFi GO! FileTransfer Execute => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "E:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "F:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => E:\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "E:\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{016F80FE-C302-4F29-BC5E-9451C52D80F9}] => (Allow) LPort=2869
FirewallRules: [{E6E22D10-5198-4041-85EE-197578FAEC11}] => (Allow) LPort=1900
FirewallRules: [{FBB67428-966A-4562-93B9-7BA422253549}] => (Allow) E:\Microsoft Office\Office12\outlook.exe
FirewallRules: [TCP Query User{4298D2A8-F37F-499A-B4C6-B7679B7A5B0E}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files (x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [UDP Query User{0CADB4BC-B892-46CD-A323-E3BF8CD5E8A9}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files (x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [{80EBF83D-A15D-4835-8235-B3731DD2A976}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{56A330DA-7BE4-4551-982A-B56D0643625D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{FA144840-2272-44C9-AC45-CAE0225138F0}] => (Allow) LPort=2869
FirewallRules: [{DD27145A-EB3C-4CA1-8DEF-AC1084922D7C}] => (Allow) LPort=1900
FirewallRules: [{24294484-424B-4CD2-8B80-88B311825858}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{DB602AA0-5713-4ACF-8D56-99FDE20E29C1}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{909811AA-FE21-4E87-9618-F16014DC91C0}] => (Allow) C:\Users\Gn******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{405C3E08-0FBD-4133-A640-8AFA2B09BB8F}] => (Allow) C:\Users\Gn******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5B15CC1B-2576-498E-A5C3-CF627E634C19}] => (Allow) C:\Users\Gn******\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A8D62C7-36C1-49F5-806E-450C41355897}] => (Allow) C:\Users\Gn******\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A119D62-B3B6-4779-976F-07FF9E237692}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{C49904E1-714B-47D1-973C-B9ECC834F412}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{31A860DC-9264-44FE-9322-8B35E9565612}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8616A330-54E7-4B6B-8130-F6242D41EB90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2556F9E-27D8-4AE6-AF66-9A57257AC537}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9F19DA25-3C03-4B25-A852-5C98BEC86783}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{05E08E86-32FA-4312-97CF-F8E4BB60302A}] => (Allow) E:\Luxology\modo\701_sp2\modo.exe
FirewallRules: [{EC50B753-A9F3-4183-81E0-C164174A19FB}] => (Allow) E:\Luxology\modo\701_sp2\modo.exe
FirewallRules: [TCP Query User{776530B4-6523-4632-ABEC-E91CBA919747}E:\luxology\modo\701_sp2\modo.exe] => (Block) E:\luxology\modo\701_sp2\modo.exe
FirewallRules: [UDP Query User{2E243218-E465-45FC-B4D8-0D0B43E296AA}E:\luxology\modo\701_sp2\modo.exe] => (Block) E:\luxology\modo\701_sp2\modo.exe
FirewallRules: [TCP Query User{F5A79786-421D-437B-BD41-3688E55AB50A}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{57D1538B-101C-4E2E-8864-B8BE7EE79C0F}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{A4CAD7B4-1AD9-4FC0-83FE-0AA2BC366AED}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{DBB0E75D-C8FF-4AB7-8EA4-8B8229CF99A8}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{606FEF5A-AF81-4C84-9D3A-CD1220A79A80}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C0E5F6E2-9D3F-4AAB-927F-12D9B336E6EF}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{F1005D1E-3171-46EF-A0A4-D8B4896357B3}] => (Allow) F:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E02B6371-7604-4DFF-911D-FC33501A6C96}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [UDP Query User{795E19FC-D956-426C-83BD-86D55304C9B0}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [{0C68527A-EC3B-4409-87AC-781416318F67}] => (Allow) F:\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{C67B50D8-B6E0-46E8-A0C2-21BD320E741F}] => (Allow) F:\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [TCP Query User{DE9B9F31-1692-4B50-8A2C-459711F0E259}E:\vlc\vlc.exe] => (Allow) E:\vlc\vlc.exe
FirewallRules: [UDP Query User{EA1C13D4-308B-4F3E-A0C6-02E9E7294F37}E:\vlc\vlc.exe] => (Allow) E:\vlc\vlc.exe
FirewallRules: [TCP Query User{5635B7C6-7874-4ABE-968B-8C5E4E710F5D}G:\sierra\homeworld\homeworld.exe] => (Allow) G:\sierra\homeworld\homeworld.exe
FirewallRules: [UDP Query User{E288270F-7B3E-4204-9E63-0A4E0F903E4C}G:\sierra\homeworld\homeworld.exe] => (Allow) G:\sierra\homeworld\homeworld.exe
FirewallRules: [{C42053BD-2DE2-4170-AE1F-3C2EF62B884F}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{989BC131-1F8B-4227-A3CB-0687A9C2F761}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [TCP Query User{55193628-2554-43DE-9273-53CF64B531E5}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1590720A-98BD-423E-806E-F548DC04BA1E}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe
FirewallRules: [{96C790E9-E1DB-4F32-90BC-BD37D5FC718D}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{930CEC4F-3F02-4464-AA91-D28E591E5D5B}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{11EB5CBF-4D12-4764-8C14-3706D521C06F}] => (Allow) F:\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{1EA4F9F8-1B82-4D80-A441-573AC24E9969}] => (Allow) F:\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{94A15276-EA91-45EF-87BE-753A5FFDDC91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{533D84F9-97B8-41E4-A32A-52643EF3808A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{62BFF4F8-AD4A-4BFA-8F5F-C7380BD7553C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E8BCD9BE-EA99-49A9-9F9B-0BD0A660DA19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4E713FDF-0487-409D-898C-5E6E16742354}G:\cod 5\codwawmp.exe] => (Block) G:\cod 5\codwawmp.exe
FirewallRules: [UDP Query User{771081E5-E5FA-4A74-965C-2BFCF99D842E}G:\cod 5\codwawmp.exe] => (Block) G:\cod 5\codwawmp.exe
FirewallRules: [TCP Query User{17B13A5F-9F07-4093-A5FF-FBAFAA7FFD6B}G:\tf2\tf2 lan edition\hl2.exe] => (Block) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [UDP Query User{8D8FE4CC-DDC6-4F14-B50A-24720600599A}G:\tf2\tf2 lan edition\hl2.exe] => (Block) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [{45BE3D13-0056-4D15-83A6-934E2CCFCF16}] => (Allow) E:\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{121D2407-3FC2-4C66-BFF6-001D8195A716}] => (Allow) E:\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [TCP Query User{3F3C1BF5-D053-4BFD-999A-0606729366CB}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D371ADF8-F3C7-465F-9A96-F828752D2CE5}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F522DEF9-9261-496D-BB99-44192EF2D5B3}H:\warcraft iii\war3.exe] => (Allow) H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{02C5255A-3A9A-4E89-90B0-414C40FF9D21}H:\warcraft iii\war3.exe] => (Allow) H:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C5FF3445-0A08-47B6-BE2E-DFE40B2A9A5C}H:\left 4 dead 2\left4dead2.exe] => (Block) H:\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{BAFBDB79-7895-41C8-B6ED-B87D38C430E4}H:\left 4 dead 2\left4dead2.exe] => (Block) H:\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{9DEB3C3C-65FB-4C9B-81F4-C04296D27175}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{A62F7852-9A8D-4831-86A2-710C037C778D}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{129BE3BB-BED6-4C5C-995E-3538A88CF2FC}] => (Allow) F:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{C7C13F38-D992-45C9-B16B-422969673B2C}] => (Allow) F:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{F1430781-0C61-479D-A7DE-C6478CFEF83C}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS.exe
FirewallRules: [{7706DF69-D09B-450E-8953-921F97FA7F71}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS.exe
FirewallRules: [{B8E4EFEA-C3E3-4DFF-A8BE-13EC7427DE7F}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Dedicated.exe
FirewallRules: [{D8DC94E3-01FC-4AB6-90F7-58F4FF9873F2}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Dedicated.exe
FirewallRules: [{4DB47EF5-8FEB-4EB9-A390-30A9787D760D}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Config.exe
FirewallRules: [{0F97988E-46B7-493E-90F1-52134C8382FD}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\AMS Config.exe
FirewallRules: [{E1743A0C-CB7F-4CE7-816C-80A4B9D0A75E}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS.exe
FirewallRules: [{3CF37731-1818-4031-BD0F-6F64736A21F9}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS.exe
FirewallRules: [{CB33D222-7289-4128-8E0D-DB258C83B8C7}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Config.exe
FirewallRules: [{2BFFF923-192C-49BB-8FE7-21DCF8FE3C4E}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Config.exe
FirewallRules: [{8098B2BF-E1DE-451B-AAC6-2AE931F27FF0}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Dedicated.exe
FirewallRules: [{62A1C4AB-1B29-499B-89F8-EF388D76ECDE}] => (Allow) F:\Steam\SteamApps\common\Automobilista\AMS Dedicated.exe
FirewallRules: [{05FBB345-4311-4633-83C7-95E45A4C5F32}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{5DF2A42E-E5A2-49D5-B547-7CE2904CE823}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{2889A2C1-6CBC-4752-8F0F-37BE0888BB5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A01E5043-B03E-42F2-AE1B-4D651CB3276A}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6ED83AE2-CF5B-4491-9B59-9629ED5C6606}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{41AA060D-C933-401E-820B-2535BDCEF019}] => (Allow) H:\Steam\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{89132D40-225A-444E-AAFA-5D428745FC4F}] => (Allow) H:\Steam\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [TCP Query User{E1DB7630-CB5A-41C2-BC20-2A1A6F43C8E2}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8ADDF18D-583D-4E4D-8518-13A26CD8723A}F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) F:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0C588CEA-0D94-4080-B0D3-81F33BB366FE}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{A9BE1B03-CD7D-4E53-BCA8-0EC6E1F85EF2}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C50CAAE7-CD38-421C-A11C-1D7A316B6086}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [UDP Query User{171CEBA3-D364-40F2-B623-21A7223E0FC4}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [TCP Query User{9F4D9389-5728-492C-95DA-D9101BCB55DC}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [UDP Query User{25D0F19C-939A-4E67-BCE8-583010D06AE9}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [TCP Query User{1D48DCB4-77D1-4DF1-9EC9-166F8306EB23}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{399B1562-E1E3-4561-926A-190183636942}H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) H:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{F3FD1533-720A-4FAD-8AAA-BD5E85EC2025}H:\killingfloor 1\system\killingfloor.exe] => (Allow) H:\killingfloor 1\system\killingfloor.exe
FirewallRules: [UDP Query User{7D04470C-CF1A-4DB5-BBF6-3CAE99616F8C}H:\killingfloor 1\system\killingfloor.exe] => (Allow) H:\killingfloor 1\system\killingfloor.exe
FirewallRules: [TCP Query User{A95577B3-2D86-48D3-ABAB-A5F9E670FB02}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [UDP Query User{B318CBBC-9C3D-4252-AF3A-6546348ECA6F}H:\arma iii\arma3.exe] => (Allow) H:\arma iii\arma3.exe
FirewallRules: [TCP Query User{A5A1310A-D9C0-4342-A951-8EF3A2739DF1}G:\tf2\tf2 lan edition\hl2.exe] => (Allow) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [UDP Query User{1551C3FD-DD88-49EF-9FD8-63B976A77982}G:\tf2\tf2 lan edition\hl2.exe] => (Allow) G:\tf2\tf2 lan edition\hl2.exe
FirewallRules: [TCP Query User{EDECED75-6AA3-4D79-8F71-40F855939053}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [UDP Query User{4616A99A-FE22-4824-8ED4-DE9441C6760A}H:\grim dawn\grim dawn.exe] => (Allow) H:\grim dawn\grim dawn.exe
FirewallRules: [TCP Query User{BF6E3206-E828-4972-B115-8797016230EB}G:\cod 5\codwawmp.exe] => (Allow) G:\cod 5\codwawmp.exe
FirewallRules: [UDP Query User{533EDC38-0EE5-4952-A1C8-F54CCBAE9A70}G:\cod 5\codwawmp.exe] => (Allow) G:\cod 5\codwawmp.exe
FirewallRules: [TCP Query User{1672E9FC-A92A-4557-9275-733583316AAD}H:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) H:\killing floor 2\binaries\win64\kfgame.exe
FirewallRules: [UDP Query User{5439EF92-1817-4554-A312-BFE385D192B0}H:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) H:\killing floor 2\binaries\win64\kfgame.exe
FirewallRules: [{175844F9-1D95-45A7-8E9C-27B011CDDE38}] => (Allow) H:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C817703A-B3C1-493E-9173-3B162B30A819}] => (Allow) H:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0FB27A19-6D1F-4EA3-859D-B3FFB7F531D9}H:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) H:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{F59BF70E-316B-4304-B05B-4BBD16D70F81}H:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) H:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{45F8F6F3-38E7-4AF6-933A-CE32ACA20F67}] => (Allow) H:\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{7899DB83-533E-4046-9A54-E19060E18881}] => (Allow) H:\Steam\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{7DBB8CAF-0D77-429A-BFF3-CED817171D43}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{590F34E7-3A5F-44BF-8EF4-71E88B27142F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{907528BB-37C5-48B5-A18C-327138C619A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E65F440A-F4DD-4FAE-ADF8-0FF9AB77F532}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6FC0C7B5-7255-4AEA-A91B-4E053461954E}] => (Allow) L:\SteamLibrary\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{95A57ACB-BAC3-49A2-B3F8-55976EBA8B1A}] => (Allow) L:\SteamLibrary\steamapps\common\For Honor\forhonor.exe
FirewallRules: [{C6D0B454-542C-4B61-9A96-653B3709DCCE}] => (Allow) L:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{C8C2ADE0-C480-45DD-AD72-16B2D8C017DE}] => (Allow) L:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{22B725F4-0257-4385-BEEA-D9A4D93F42B9}] => (Allow) L:\SteamLibrary\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{3DB608E6-7E26-4F2E-8EFB-9AA083C42ADD}] => (Allow) L:\SteamLibrary\steamapps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{378C2C08-7B08-4267-9330-6B2B3D4233E6}] => (Allow) F:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{FA8AFE8A-D8C4-49A3-8B85-8CE0F51A7F16}] => (Allow) F:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C98B13C1-811E-464B-B1C7-7AC4661EF64F}] => (Allow) F:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D21EDF57-0C04-492D-99EE-FA4D9F48C6C7}] => (Allow) F:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{E010852E-1A03-4101-BE76-9639B03EF393}L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [UDP Query User{713AE10E-A629-4C0E-A2DD-431E3CC918F7}L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) L:\steamlibrary\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [{1836A596-3F4F-49FC-A6C8-032B2C7439AD}] => (Allow) F:\Steam\SteamApps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [{2DF1CABB-722E-4C01-BC24-B17710121DDB}] => (Allow) F:\Steam\SteamApps\common\rFactor 2\Launcher\Launch rFactor.exe
FirewallRules: [TCP Query User{9BE2E7AE-8C84-442A-9317-33B7595F8327}F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [UDP Query User{90315690-86BF-4E98-8CF0-07CF99787E2F}F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe] => (Allow) F:\steam\steamapps\common\rfactor 2\bin64\rfactor2.exe
FirewallRules: [{ED8BD539-3195-486E-8C25-B7F880E86140}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\SeasonTool\SeasonTool.exe
FirewallRules: [{62073AD5-EA48-4CBD-B1FA-5A361CDC6FE9}] => (Allow) F:\Steam\SteamApps\common\AMSBeta\SeasonTool\SeasonTool.exe
FirewallRules: [{450F5957-281F-4EB5-927E-DCBDA3621024}] => (Allow) F:\Steam\SteamApps\common\Automobilista\SeasonTool\SeasonTool.exe
FirewallRules: [{A822ECA3-14DC-456C-9D77-F2574D3CAE87}] => (Allow) F:\Steam\SteamApps\common\Automobilista\SeasonTool\SeasonTool.exe
FirewallRules: [TCP Query User{3EC583F6-A91D-469E-9BB0-A5EED3137E57}L:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) L:\steamlibrary\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{E62596F4-FD2C-4A19-B7AA-26348B6E4459}L:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) L:\steamlibrary\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{28AD0A46-13E8-44F9-BEDE-11A3D9A08993}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{703A5FCC-AE0F-4810-89E6-2226EA54CDBB}] => (Allow) F:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{D78F562B-96F1-489A-8571-DDD85B6E2B4F}] => (Allow) F:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{F9A3625A-CF45-4E7B-946C-483AC22B00F4}] => (Allow) F:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [E:\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
18-07-2017 18:42:41 Windows Update
23-07-2017 17:08:50 Malwarebytes Anti-Rootkit Restore Point
24-07-2017 18:09:18 JRT Pre-Junkware Removal
24-07-2017 18:49:02 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft Loopbackadapter
Description: Microsoft Loopbackadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/24/2017 07:07:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 2.2.3.4.6.E.3.D.B.D.C.8.E.7.9.3.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR WG-316.local.
Error: (07/24/2017 07:07:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.10:5353 14 2.2.3.4.6.E.3.D.B.D.C.8.E.7.9.3.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR WG-260.local.
Error: (07/24/2017 07:07:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 10.178.168.192.in-addr.arpa. PTR WG-316.local.
Error: (07/24/2017 07:07:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.10:5353 14 10.178.168.192.in-addr.arpa. PTR WG-260.local.
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname WG-260.local already in use; will try WG-316.local instead
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 16 WG-260.local. AAAA FE80:0000:0000:0000:397E:8CDB:D3E6:4322
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.10:5353 16 WG-260.local. AAAA 2003:00EE:E3C0:BC00:397E:8CDB:D3E6:4322
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing: 4 WG-260.local. Addr 192.168.178.10
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001238930 Our Record 2 won: 84E8A98E 16 WG-260.local. AAAA FE80:0000:0000:0000:397E:8CDB:D3E6:4322
Error: (07/24/2017 07:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001238930 Pkt Record: 12A8A8B4 16 WG-260.local. AAAA 2003:00EE:E3C0:BC00:397E:8CDB:D3E6:4322
Systemfehler:
=============
Error: (07/24/2017 07:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/24/2017 07:04:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (07/24/2017 07:04:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/24/2017 07:04:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
und APPID
{0773CCD6-59A2-4D26-B235-19247767E645}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (07/24/2017 06:49:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/24/2017 06:49:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA NetworkService Container" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/24/2017 06:49:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/24/2017 06:47:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HDDHealth" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/24/2017 06:46:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/24/2017 06:35:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2017-07-24 19:37:59.738
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 19:11:08.188
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 19:04:33.739
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:57:53.170
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:45:31.666
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:35:07.850
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:27:38.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:15:44.717
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:14:25.252
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-07-24 18:03:40.739
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16339.18 MB
Verfügbarer physikalischer RAM: 11849.48 MB
Summe virtueller Speicher: 18385.36 MB
Verfügbarer virtueller Speicher: 12993.43 MB
==================== Laufwerke ================================
Drive c: (Windows 7) (Fixed) (Total:107.24 GB) (Free:51.69 GB) NTFS
Drive e: (Programme) (Fixed) (Total:97.66 GB) (Free:62.16 GB) NTFS
Drive f: (FunPlace) (Fixed) (Total:341.8 GB) (Free:75.89 GB) NTFS
Drive g: (Diverse) (Fixed) (Total:492.06 GB) (Free:152.71 GB) NTFS
Drive k: (Diverse) (Fixed) (Total:128.9 GB) (Free:91.14 GB) NTFS
Drive l: (StorageNew) (Fixed) (Total:103.98 GB) (Free:24.8 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8E44248D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F1FA884D)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 0ADD0ADD)
Partition 1: (Not Active) - (Size=128.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
24.07.2017, 21:53
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LavasoftTCPService.dll - Web Companion Komponente eingefangen Äh, da müssen wir nochmal die Sense rausholen. Das depperte Avira und auch das unwirksame Spybot muss runter sowie unnötiges und/oder veraltetes Zeugs: Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.07.2017, 18:52
| #13 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Ich hab jetzt die Applikationen deinstalliert. Allerdings konnte ich die Navisworks Komponenten auch nicht mit dem RevoUninstaller runterbügeln. Jetzt wäre meine Frage, nun habe ich ja kein Antiviren Wächter mehr und dabei ist mir nicht ganz wohl zumute. Was kann ich denn da als Alternative wählen? Auch zum Entpacken von zip´s und rar´s hatte ich ja WinRAR, was kann man da als Ersatz nehmen? Jetzt brauchst Du wahrscheinlich wieder logfiles bzw. wie ist das weitere Vorgehen? Dank im Voraus. |
|
25.07.2017, 20:25
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LavasoftTCPService.dll - Web Companion Komponente eingefangen Ja man merkt durch die Bank weg, welche Angst und Panik die Schlangenöl-Industrie in der Bevölkerung geschürt hat. Dass deren absolut utopischen Versprechen nicht eingehalt werden können will aber kaum jmd realisieren. Und die Foren sind voll mit irgendwelchen Sicherheitsproblemen, Junkware und anderer Malware, obwohl die Virenscanner doch alle perfekt schützt - oder etwa doch nicht?  Alternativen werden zum Abschluss genannt. Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.07.2017, 20:34
| #15 |
| | LavasoftTCPService.dll - Web Companion Komponente eingefangen Ja diese Vermutung hat mich auch schon länger heimgesucht. Mal hier auf den falschen Link geklickt und dort was installiert was man gar nicht wollte und zack hat man schon irgendwelchen Schadcode drauf. Der tolle Echtzeit -Scan KlimBim macht dabei irgendwie rein gar nix. Das einzige was mir Avira mal angemeckert hat war dann ein False Positive für die Rennsimulation Automobilista, und das hat es dann auch noch verlässlich in die Quarantäne geschickt sodass es nicht mehr lief... na denn prost Mahlzeit  FRST logs: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von Gn****** (Administrator) auf WG-260 (25-07-2017 20:09:52)
Gestartet von C:\Users\Gn******\Downloads\FRST
Geladene Profile: Gn****** & Administrator (Verfügbare Profile: Gn****** & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Nero AG) E:\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() E:\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21]
(Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-
3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy
\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\Policies\Explorer: []
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: H - H:\AUTORUN.EXE
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {611a43f2-4ce1-11e2-b2c5-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {660695fb-3f74-11e2-8d9d-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {7176c1a5-4047-11e2-a158-c86000e22cc1} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e0857a-56a5-11e2-b1d9-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e08595-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085a7-56a5-11e2-b1d9-c86000e22cc1} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {74e085bc-56a5-11e2-b1d9-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {87994de8-3b45-11e3-9e56-c86000e22cc1} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cafc-3e4a-11e2-9d19-94dbc940e75f} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb0c-3e4a-11e2-9d19-94dbc940e75f} - J:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb41-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {90f4cb83-3e4a-11e2-9d19-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {97b2a9f8-58f0-11e2-ab2c-94dbc940e75f} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {d64e0e01-407f-11e2-a01c-94dbc940e75f} - L:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {e392c4ec-a8bd-11e5-abb3-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f1871499-2a06-11e5-97ea-c86000e22cc1} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\...\MountPoints2: {f3950a4f-57ee-11e2-b622-c86000e22cc1} - I:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft
Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag
handelt.)
Internet Explorer:
==================
HKU\S-1-5-21-386634515-4225027544-3189603330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q=
{searchTerms}
SearchScopes: HKU\S-1-5-21-386634515-4225027544-3189603330-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle
Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge
GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default [2017-07-25]
FF NewTab: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\63ip853m.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\63ip853m.default -> hxxp://www.google.de
FF NetworkProxy: Mozilla\Firefox\Profiles\63ip853m.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\abs@avira.com.xpi [2017-07-17]
FF Extension: (MEGA) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\firefox@mega.co.nz.xpi [2017-07-12]
FF Extension: (Adblock Plus) - C:\Users\Gn******\AppData\Roaming\Mozilla\Firefox\Profiles\63ip853m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017-06-07]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-19] [ist nicht signiert]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[2012-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2012-05-18] (ASUSTeK Computer Inc.) [Datei
ist nicht signiert]
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2016-12-02] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [399120 2017-04-18] (EasyAntiCheat Ltd)
S3 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [284224 2016-11-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-22] (GOG.com)
R2 HTCMonitorService; E:\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht
signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2147216 2017-05-03] (Electronic Arts)
S2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3116440 2017-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-04-18] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 DFX11_0; C:\Windows\System32\drivers\dfx11_0x64.sys [28008 2012-08-16] (Windows (R) Win 7 DDK provider)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [216576 2009-09-04] (Huawei Technologies Co., Ltd.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2013-01-13] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 WinRing0_1_2_0; C:\Users\Gn******\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2012-08-17] (OpenLibSys.org)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-25 19:47 - 2017-07-25 19:47 - 00000065 _____ C:\Windows\wininit.ini
2017-07-25 19:21 - 2017-07-25 19:21 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\Autodesk
2017-07-25 19:14 - 2017-07-25 19:14 - 00000593 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-07-25 19:14 - 2017-07-25 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-07-25 19:12 - 2017-07-25 19:13 - 00000000 ____D C:\Users\Gn******\Downloads\revo_uninstaller
2017-07-24 18:09 - 2017-07-24 18:49 - 00005523 _____ C:\Users\Gn******\Desktop\JRT.txt
2017-07-24 18:07 - 2017-07-24 18:56 - 00000000 ____D C:\Users\Gn******\Downloads\JRT
2017-07-24 17:58 - 2017-07-24 18:34 - 00000000 ____D C:\AdwCleaner
2017-07-24 17:58 - 2017-07-24 17:58 - 00000000 ____D C:\Users\Gn******\Downloads\adwcleaner
2017-07-23 16:51 - 2017-07-23 16:52 - 00000000 ____D C:\Users\Gn******\Downloads\mbar
2017-07-23 16:45 - 2017-07-23 16:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Gn******\Downloads\mbar-1.09.3.1001.exe
2017-07-23 12:30 - 2017-07-25 20:09 - 00000000 ____D C:\FRST
2017-07-17 19:30 - 2017-07-17 19:30 - 00863744 _____ (Farbar) C:\Windows\mod_frst.exe
2017-07-16 15:00 - 2017-07-24 22:35 - 00000000 ____D C:\Users\Gn******\Downloads\FRST
2017-07-13 20:57 - 2017-07-13 20:57 - 00195541 _____ C:\Users\Gn******\Downloads\20170713_Vergleichsrechnung.pdf
2017-07-12 18:59 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-12 18:59 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 18:59 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-12 18:59 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-12 18:59 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-12 18:59 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-12 18:59 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-12 18:59 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 18:59 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-12 18:59 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-12 18:59 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-12 18:59 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 18:59 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-12 18:59 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 18:59 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-12 18:59 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-12 18:59 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-12 18:59 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-12 18:59 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-12 18:59 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-12 18:59 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-12 18:59 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 18:59 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 18:59 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-12 18:59 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-12 18:59 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-12 18:59 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-12 18:59 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-12 18:59 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-12 18:59 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-12 18:59 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-12 18:59 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 18:59 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 18:59 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-12 18:59 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 18:59 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-12 18:59 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 18:59 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-12 18:59 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-12 18:59 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 18:59 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 18:59 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 18:59 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 18:59 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 18:59 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 18:59 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-12 18:59 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-12 18:59 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 18:59 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-12 18:59 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-12 18:59 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-12 18:59 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-12 18:59 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 18:59 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 18:59 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-12 18:59 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-12 18:59 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-12 18:59 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 18:59 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 18:59 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 18:59 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 18:59 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 18:59 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 18:59 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 18:59 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-12 18:59 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-12 18:59 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 18:59 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-12 18:59 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-12 18:58 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 18:58 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 18:58 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 18:58 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-08 13:29 - 2017-07-08 13:29 - 00268579 _____ C:\Users\Gn******\Downloads\0408_ttc_18tfsi_118.pdf
2017-07-08 13:24 - 2017-07-08 13:24 - 00118330 _____ C:\Users\Gn******\Downloads\step_50400_50700.pdf
2017-07-08 13:22 - 2017-07-08 13:22 - 01646397 _____ C:\Users\Gn******\Downloads\ams0715_058_2.pdf
2017-07-08 13:20 - 2017-07-08 13:20 - 00171395 _____ C:\Users\Gn******\Downloads\step_50200_50500.pdf
2017-07-08 12:21 - 2017-07-08 12:21 - 00129100 _____ C:\Users\Gn******\Downloads\LM_AN_INFO_0104_D_Bremsenquietschen.pdf
2017-07-02 12:58 - 2017-07-02 12:58 - 00035802 _____ C:\Users\Gn******\Downloads\Kontoauszug_700786587600_2017-07-01_0627.pdf
2017-07-02 12:57 - 2017-07-02 12:57 - 00021035 _____ C:\Users\Gn******\Downloads\Abrechnung_700786587600_2017-07-01_1011.pdf
2017-07-01 17:09 - 2017-07-01 17:09 - 01167932 _____ C:\Users\Gn******\Downloads\Kaufvertrag-WAUZZZ8V8GA088893.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-25 20:09 - 2016-11-22 20:02 - 00000000 ____D C:\Users\Gn******\AppData\LocalLow\Mozilla
2017-07-25 20:09 - 2015-07-23 02:34 - 00002984 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-07-25 19:53 - 2016-02-29 21:21 - 00000000 ____D C:\Users\Gn******\AppData\Local\CrashDumps
2017-07-25 19:53 - 2013-10-17 00:46 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\Luxology
2017-07-25 19:53 - 2013-10-16 21:05 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\uTorrent
2017-07-25 19:47 - 2016-11-10 19:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-25 19:39 - 2015-03-01 17:32 - 00000000 ____D C:\Program Files\OBS
2017-07-25 19:39 - 2015-03-01 17:32 - 00000000 ____D C:\Program Files (x86)\OBS
2017-07-25 19:33 - 2013-11-28 22:27 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-25 19:33 - 2013-04-25 09:32 - 00000000 ____D C:\ProgramData\Avira
2017-07-25 19:33 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-25 19:33 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-25 19:31 - 2016-09-04 21:36 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-25 19:31 - 2011-04-12 09:43 - 00702964 _____ C:\Windows\system32\perfh007.dat
2017-07-25 19:31 - 2011-04-12 09:43 - 00150604 _____ C:\Windows\system32\perfc007.dat
2017-07-25 19:31 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-25 19:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-25 19:29 - 2013-10-22 23:42 - 00000000 ____D C:\Users\Gn******\AppData\Local\HTC MediaHub
2017-07-25 19:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-25 19:20 - 2012-08-16 23:18 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-25 19:19 - 2012-08-16 23:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-25 19:17 - 2015-11-01 16:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-07-24 19:24 - 2014-12-02 20:05 - 00022528 _____ C:\Users\Gn******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-24 18:50 - 2012-09-08 13:30 - 00000000 ____D C:\Temp
2017-07-24 18:17 - 2016-11-10 19:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-07-24 07:24 - 2013-11-06 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-07-23 17:15 - 2014-10-03 12:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-23 17:15 - 2014-10-03 12:38 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-07-23 17:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2017-07-19 18:38 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Gn******\Downloads\hjt
2017-07-17 21:40 - 2012-08-21 20:15 - 00000000 ____D C:\Users\Gn******\AppData\Roaming\vlc
2017-07-14 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-07-13 19:27 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-13 19:27 - 2009-07-14 06:45 - 00466296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-12 23:02 - 2014-12-09 21:30 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 19:01 - 2013-07-11 17:37 - 00000000 ____D C:\Windows\system32\MRT
2017-07-12 19:00 - 2012-08-16 23:34 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-01 21:01 - 2013-01-18 09:42 - 00000000 ____D C:\Windows\Minidump
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-02 20:05 - 2017-07-24 19:24 - 0022528 _____ () C:\Users\Gn******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-07 19:23 - 2015-04-25 12:31 - 1065984 _____ () C:\Users\Gn******\AppData\Local\file__0.localstorage
2013-12-08 22:17 - 2013-12-08 22:17 - 0003072 _____ () C:\Users\Gn******\AppData\Local\http_www.youtube.com_0.localstorage
2012-08-21 01:09 - 2016-11-06 16:15 - 0007610 _____ () C:\Users\Gn******\AppData\Local\Resmon.ResmonCfg
2016-12-31 13:50 - 2016-12-31 13:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-18 01:45 - 2012-08-18 01:46 - 0000498 _____ () C:\ProgramData\Gpu.log
2012-09-08 13:28 - 2012-09-08 13:28 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-01-05 13:15 - 2017-04-15 15:08 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-05 13:15 - 2017-04-15 01:36 - 0005504 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Einige Dateien in TEMP:
====================
2015-02-07 14:48 - 2015-02-07 14:48 - 0000000 ____D () C:\Users\Administrator.WG-260\AppData\Local\Temp\avgnt.exe
2017-07-25 19:21 - 2011-12-14 12:34 - 0039336 _____ (Autodesk, Inc.) C:\Users\Gn******\AppData\Local\Temp\AcDeltree.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-22 11:44
==================== Ende von FRST.txt ============================
Addition wieder extra... |
|
| Themen zu LavasoftTCPService.dll - Web Companion Komponente eingefangen |
| antivirus, avdevprot, avdevprot.sys, avira, bonjour, computer, defender, desktop, explorer, firefox, helper, homepage, installation, lavasofttcpservice64.dll, mozilla, node.js, prozesse, realtek, registry, scan, secur, services.exe, software, svchost.exe, system, temp, usb, windows, winlogon.exe |
dann auf 
und dann auf 
. 
Linear-Darstellung
