Log analysis and evaluation: Windows 8.1, GMX email account hijacked a few days ago, possibly a Trojan on board

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
22.09.2017, 15:05 | #1 |
Windows 8.1, GMX email account hijacked a few days ago, possibly a Trojan on board

Hi, maybe you can help me. Every now and then I have to enter a sequence of digits at Google because suspicious traffic is being reported. My GMX account was hacked. I may have a Trojan or malware on board. Can you help me with this?
23.09.2017, 07:52 | #2 |
Here is the FRST log file.
FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von tony (Administrator) auf TJT (22-09-2017 15:48:07) Gestartet von C:\Users\tony\Downloads Geladene Profile: tony (Verfügbare Profile: tony) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Opera) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-09-03] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9855192 2017-09-07] (Piriform Ltd) HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\MountPoints2: {15fa7053-3bf2-11e7-843c-ac9e17ec3e92} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\MountPoints2: {57bcc7a8-250b-11e7-8418-ac9e17ec3e92} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\MountPoints2: {57bcc82d-250b-11e7-8418-ac9e17ec3e92} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-29] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{BB0E06B1-12B1-4EF0-B7F7-10A9974539AD}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001 -> {F2D2F267-FA34-4648-8409-C46047AF897E} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-27] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-27] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: E-Web Print -> 
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation) BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll [2013-12-19] (Wondershare Software Co., Ltd.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Toolbar: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001 -> Kein Name - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft 
Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6sz8oprv.default FF ProfilePath: C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default [2017-09-22] FF NewTab: Mozilla\Firefox\Profiles\6sz8oprv.default -> about:home FF SelectedSearchEngine: Mozilla\Firefox\Profiles\6sz8oprv.default -> Bing® FF Homepage: Mozilla\Firefox\Profiles\6sz8oprv.default -> hxxps://www.google.de FF NetworkProxy: Mozilla\Firefox\Profiles\6sz8oprv.default -> http", "138.68.41.90" FF NetworkProxy: Mozilla\Firefox\Profiles\6sz8oprv.default -> http_port", 8080 FF Extension: (Avira Browserschutz) - C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\Extensions\abs@avira.com.xpi [2017-09-04] FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\Extensions\artur.dubovoy@gmail.com [2017-08-18] FF Extension: (MEGA) - C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\Extensions\firefox@mega.co.nz.xpi [2017-09-14] FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2017-09-04] FF Extension: (Flash and Video Download) - C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2017-08-28] FF SearchPlugin: C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\6sz8oprv.default\searchplugins\bing-lavasoft.xml [2015-12-21] FF ProfilePath: C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default [2017-01-17] FF Extension: (AboutConfig) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\aboutconfig@mozilla.org [2017-01-13] [ist nicht signiert] FF Extension: (Kein Name) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\temp [2017-01-13] [ist nicht 
signiert] FF Extension: (Deutsches (DE) Sprachpaket) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\{219999df-ab50-46e1-8ad9-518c53b078ab} [2017-01-13] [ist nicht signiert] FF Extension: (NsmConText) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\{39584d1e-5e2f-45e9-8a7f-9da2f33bc71b} [2017-01-13] [ist nicht signiert] FF Extension: (HandCoder) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\{c08886d0-420a-11da-8cd6-0800200c9a66} [2017-01-13] [ist nicht signiert] FF Extension: (LoremIpsum Nvu) - C:\Users\tony\AppData\Roaming\KompoZer\Profiles\0iy2cnyj.default\Extensions\{e4bcdfa6-9c33-49d2-a6ee-cbc795a07deb} [2017-01-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2015-08-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-02] FF HKLM-x32\...\Firefox\Extensions: [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-06-11] [ist nicht signiert] FF HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt FF Plugin: @adobe.com/FlashPlayer -> 
C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] () FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-27] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-27] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2017-08-26] (Tencent) FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2017-08-26] (Tencent) FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe 
Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-10] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2015-08-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Media Box) - C:\Users\tony\AppData\Roaming\Opera Software\Opera Stable\Extensions\hahppkipjinhdigdpgpkmbaoeilcnijo [2017-04-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-09-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-09-03] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-09-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-09-03] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-08-15] (Avira Operations GmbH & Co. KG) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 61883; C:\Windows\System32\drivers\61883.sys [59904 2013-08-22] (Microsoft Corporation) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 androidusb; C:\Windows\System32\Drivers\smdadb.sys [39624 2015-04-24] (Google Inc) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176856 2017-09-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [167464 2017-09-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-29] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-29] (Avira Operations GmbH & Co. KG) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2016-03-16] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert] S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) 
[Datei ist nicht signiert] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) R3 WsAudio_Device; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare) U3 aswbdisk; kein ImagePath S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-22 15:48 - 2017-09-22 15:48 - 000021874 _____ C:\Users\tony\Downloads\FRST.txt 2017-09-22 15:48 - 2017-09-22 15:48 - 000000000 ____D C:\FRST 2017-09-22 15:47 - 2017-09-22 15:47 - 002399744 _____ (Farbar) C:\Users\tony\Downloads\FRST64.exe 2017-09-22 15:44 - 2016-07-29 16:32 - 000000892 _____ C:\Windows\system32\Drivers\etc\hosts.20170922-154423.backup 2017-09-17 16:21 - 2017-09-17 16:21 - 000001893 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk 2017-09-17 16:21 - 2017-09-17 16:21 - 000000000 ____D C:\Program Files (x86)\Shotcut 2017-09-17 16:06 - 2017-09-17 16:06 - 000000000 ____D C:\Users\tony\AppData\Local\Meltytech 2017-09-17 15:47 - 2017-09-17 15:48 - 000000000 ____D C:\Users\tony\Downloads\WINDOWS 8 UPDATE 2017-09-17 15:47 - 2017-09-17 15:48 - 000000000 ____D C:\Users\tony\Downloads\WINDOWS 7 UPDATE 2017-09-17 15:45 - 2017-09-17 18:38 - 000000000 ____D C:\Users\tony\Downloads\mavide15pr 2017-09-17 15:13 - 2017-09-17 15:36 - 000000000 ____D C:\Users\tony\Downloads\WINDOWS Treiber 2017-09-16 18:24 - 2017-09-16 18:24 - 
000001025 _____ C:\Users\Public\Desktop\WinRAR.lnk 2017-09-16 18:24 - 2017-09-16 18:24 - 000000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-09-16 18:24 - 2017-09-16 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-09-16 18:24 - 2017-09-16 18:24 - 000000000 ____D C:\Program Files (x86)\WinRAR 2017-09-16 14:50 - 2017-09-16 19:00 - 000000000 __RHD C:\ESD 2017-09-16 10:07 - 2017-09-16 10:07 - 000000000 ____D C:\Users\tony\AppData\Local\Mein CEWE FOTOBUCH 2017-09-16 10:07 - 2017-09-16 10:07 - 000000000 ____D C:\Users\tony\.QtWebEngineProcess 2017-09-16 10:07 - 2017-09-16 10:07 - 000000000 ____D C:\Users\tony\.Mein CEWE FOTOBUCH 2017-09-16 10:07 - 2017-09-16 10:07 - 000000000 ____D C:\ProgramData\tmp 2017-09-16 10:07 - 2017-09-16 10:07 - 000000000 ____D C:\ProgramData\hps 2017-09-16 09:49 - 2017-09-16 15:44 - 000000000 ____D C:\Program Files\CEWE 2017-09-15 20:45 - 2017-09-21 19:21 - 000000000 ____D C:\Users\tony\Downloads\jg 065 2017-09-15 18:04 - 2017-09-15 18:12 - 000000000 ____D C:\Users\tony\Downloads\2016电影 Buddy Cops 刑警兄弟 HD1080P, 黄宗泽 金刚 曾志伟 徐子珊 方皓玟 2017-09-15 16:02 - 2017-09-15 16:09 - 000000000 ____D C:\Users\tony\Downloads\Kommando U S Seals (Action, Thriller, ganze Actionfilme auf Deutsch anschauen in voller Länge) 2017-09-14 19:19 - 2017-09-14 19:19 - 576578103 _____ C:\Users\tony\Downloads\Die Supermänner aus Shanghai _ EASTERN _ Ganzer Film (356p_25fps_H264-128kbit_AAC).mp4 2017-09-14 19:08 - 2017-09-14 19:35 - 000000000 ____D C:\Users\tony\Downloads\Piranhas II - Die Rache der Killerfische (1979) HORROR_ ABENTEUER 2017-09-14 17:42 - 2017-09-14 17:42 - 457008104 _____ C:\Users\tony\Downloads\Zwei tolle Hunde in Hong Kong (480p_25fps_H264-128kbit_AAC).mp4 2017-09-13 20:03 - 2017-09-13 20:06 - 028129611 _____ C:\Users\tony\Downloads\Old-Town-Central_booklet_EN.pdf 2017-09-13 20:03 - 2017-09-13 20:06 - 027362200 _____ C:\Users\tony\Downloads\Travellers-Guide_EN.pdf 2017-09-13 
18:00 - 2017-09-13 18:12 - 547656756 _____ C:\Users\tony\Downloads\Film Horor Indonesia Terbaru 2017, Film Horor Indonesiaan full movie, Jgn Nonton Sendirian (720p_30fps_H264-192kbit_AAC).mp4 2017-09-13 17:33 - 2017-09-13 17:33 - 277090193 _____ C:\Users\tony\Downloads\Run រត់ (Khmer Zombie) (312p_30fps_H264-128kbit_AAC).mp4 2017-09-12 19:31 - 2017-09-12 19:31 - 000592727 _____ C:\Users\tony\Downloads\routemap.pdf 2017-09-10 18:56 - 2017-09-10 19:15 - 000000000 ____D C:\Users\tony\Downloads\s5gs-751 2017-09-09 17:54 - 2017-09-09 18:04 - 184236666 _____ C:\Users\tony\Downloads\kiw-2-998.mp4 2017-09-09 17:43 - 2017-09-14 17:32 - 000000000 ____D C:\Users\tony\Downloads\Wu Tang Collection - Iron Palm Heroine 2017-09-09 17:43 - 2017-09-14 17:32 - 000000000 ____D C:\Users\tony\Downloads\Wu Tang Collection - Honeymoon Killer 2017-09-09 17:43 - 2017-09-09 17:54 - 173599651 _____ C:\Users\tony\Downloads\kiw-1-292.mp4 2017-09-09 17:37 - 2017-09-09 17:37 - 000002370 _____ C:\Users\tony\Desktop\Mexicana - Deadly Holiday.lnk 2017-09-09 17:37 - 2017-09-09 17:37 - 000002203 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\AllGamesHome Games.lnk 2017-09-09 17:37 - 2017-09-09 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AllGamesHome.com 2017-09-09 17:35 - 2017-09-09 17:35 - 000000000 ____D C:\Program Files (x86)\AllGamesHome.com 2017-09-06 18:37 - 2017-09-07 19:05 - 000000000 ____D C:\Users\tony\Downloads\The Sleep Curse 2017 BluRay 720p 800MB Ganool 2017-09-06 18:17 - 2017-09-06 18:24 - 000000000 ____D C:\Users\tony\Downloads\Vampire cleanup department 2017 BluRay 720p x264 AAC-asian indomoviemania 2017-09-02 13:42 - 2017-09-14 19:37 - 000000000 ____D C:\Users\tony\Downloads\Wu Tang Collection - One Armed Magic Nun 2017-09-01 14:19 - 2017-03-20 07:16 - 000993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-09-01 14:19 - 2017-03-20 07:16 - 000987848 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-09-01 14:19 - 2017-03-20 07:16 - 000690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-09-01 14:19 - 2017-03-20 07:16 - 000484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-09-01 14:19 - 2016-11-30 08:34 - 000028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2017-09-01 14:19 - 2016-11-30 08:27 - 000030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2017-09-01 14:18 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-09-01 14:18 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-09-01 14:18 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-09-01 14:18 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-09-01 14:18 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2017-09-01 14:18 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2017-09-01 14:18 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-09-01 14:18 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-09-01 14:18 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-09-01 14:18 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-09-01 14:18 - 2017-04-16 10:02 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-09-01 14:18 - 2017-04-16 09:40 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-09-01 14:18 - 2017-04-16 09:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-09-01 14:18 - 
2017-04-16 09:23 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-09-01 14:18 - 2017-04-16 09:10 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-09-01 14:18 - 2017-04-16 09:02 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2017-09-01 14:17 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-09-01 14:17 - 2017-07-21 15:40 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2017-09-01 14:17 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2017-09-01 14:17 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-09-01 14:17 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2017-09-01 14:17 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-09-01 14:17 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2017-09-01 14:17 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-09-01 14:17 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2017-09-01 14:17 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-09-01 14:17 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-09-01 14:17 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-09-01 14:17 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-09-01 14:17 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-09-01 14:17 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-09-01 14:17 - 2017-07-14 06:40 - 
015254016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-09-01 14:17 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-09-01 14:17 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-09-01 14:17 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-09-01 14:17 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-09-01 14:17 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-09-01 14:17 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-09-01 14:17 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-09-01 14:17 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-09-01 14:17 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-09-01 14:17 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2017-09-01 14:17 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-09-01 14:17 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-09-01 14:17 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-09-01 14:17 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-09-01 14:17 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-09-01 14:17 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-09-01 14:17 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-09-01 14:17 - 2017-07-08 05:16 - 
001499920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-09-01 14:17 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-09-01 14:17 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2017-09-01 14:17 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2017-09-01 14:17 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2017-09-01 14:17 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2017-09-01 14:17 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll 2017-09-01 14:17 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2017-09-01 14:17 - 2017-06-15 16:17 
- 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-09-01 14:17 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-09-01 14:17 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-09-01 14:17 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2017-09-01 14:17 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2017-09-01 14:17 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-09-01 14:17 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2017-09-01 14:17 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-09-01 14:17 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-09-01 14:17 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2017-09-01 14:17 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-09-01 14:17 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-09-01 14:17 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2017-09-01 14:17 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2017-09-01 14:17 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2017-09-01 14:17 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-09-01 14:17 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2017-09-01 14:17 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-09-01 14:17 - 2017-06-12 02:14 - 
000276320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-09-01 14:17 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2017-09-01 14:17 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2017-09-01 14:17 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2017-09-01 14:17 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2017-09-01 14:17 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2017-09-01 14:17 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2017-09-01 14:17 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-09-01 14:17 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2017-09-01 14:17 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2017-09-01 14:17 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2017-09-01 14:17 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-09-01 14:17 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll 2017-09-01 14:17 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-09-01 14:17 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2017-09-01 14:17 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-09-01 14:17 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-09-01 14:17 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-09-01 14:17 - 2017-06-09 15:47 - 000448629 _____ 
C:\Windows\system32\ApnDatabase.xml 2017-09-01 14:17 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-09-01 14:17 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-09-01 14:17 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-09-01 14:17 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-09-01 14:17 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-09-01 14:17 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2017-09-01 14:17 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll 2017-09-01 14:17 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll 2017-09-01 14:17 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe 2017-09-01 14:17 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll 2017-09-01 14:17 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll 2017-09-01 14:17 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2017-09-01 14:17 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2017-09-01 14:17 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll 2017-09-01 14:17 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll 2017-09-01 14:17 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-09-01 14:17 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2017-09-01 14:17 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\cnvfat.dll 2017-09-01 14:17 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll 2017-09-01 14:17 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2017-09-01 14:17 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2017-09-01 14:17 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ulib.dll 2017-09-01 14:17 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2017-09-01 14:17 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll 2017-09-01 14:17 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll 2017-09-01 14:17 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll 2017-09-01 14:17 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2017-09-01 14:17 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-09-01 14:17 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-09-01 14:17 - 2017-06-02 14:15 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-09-01 14:17 - 2017-06-02 14:12 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-09-01 14:17 - 2017-06-02 14:12 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-09-01 14:17 - 2017-06-02 14:06 - 001001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-09-01 14:17 - 2017-06-02 14:01 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-09-01 14:17 - 2017-06-02 13:03 - 000903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-09-01 14:17 - 2017-06-02 12:25 - 000272896 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-09-01 14:17 - 2017-06-02 12:24 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-09-01 14:17 - 2017-06-02 12:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-09-01 14:17 - 2017-06-02 11:43 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-09-01 14:17 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2017-09-01 14:17 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2017-09-01 14:17 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll 2017-09-01 14:17 - 2017-05-16 00:09 - 000057688 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2017-09-01 14:17 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-09-01 14:17 - 2017-05-15 21:58 - 000121184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2017-09-01 14:17 - 2017-05-14 22:19 - 001364040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-09-01 14:17 - 2017-05-14 21:04 - 000315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-09-01 14:17 - 2017-05-14 21:03 - 000373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-09-01 14:17 - 2017-05-14 20:13 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-09-01 14:17 - 2017-05-12 19:05 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-09-01 14:17 - 2017-05-12 18:16 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-09-01 14:17 - 2017-05-12 18:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-09-01 14:17 - 2017-05-12 17:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-09-01 14:17 - 2017-05-12 17:50 - 000124928 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-09-01 14:17 - 2017-05-12 17:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-09-01 14:17 - 2017-05-12 17:47 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-09-01 14:17 - 2017-05-12 06:10 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-09-01 14:17 - 2017-05-12 04:58 - 001985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-09-01 14:17 - 2017-05-12 04:48 - 001377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-09-01 14:17 - 2017-05-12 04:18 - 003714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-09-01 14:17 - 2017-05-12 04:11 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-09-01 14:17 - 2017-05-12 04:10 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-09-01 14:17 - 2017-05-12 04:07 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2017-09-01 14:17 - 2017-05-12 04:06 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-09-01 14:17 - 2017-05-12 04:04 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-09-01 14:17 - 2017-05-12 04:00 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-09-01 14:17 - 2017-05-12 01:36 - 022361848 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-09-01 14:17 - 2017-05-12 01:32 - 019788672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-09-01 14:17 - 2017-05-10 20:19 - 000101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2017-09-01 14:17 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2017-09-01 14:17 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2017-09-01 14:17 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wsdchngr.dll 2017-09-01 14:17 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe 2017-09-01 14:17 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll 2017-09-01 14:17 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2017-09-01 14:17 - 2017-05-06 18:05 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2017-09-01 14:17 - 2017-05-06 18:04 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-09-01 14:17 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-09-01 14:17 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-09-01 14:17 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2017-09-01 14:17 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2017-09-01 14:17 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2017-09-01 14:17 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll 2017-09-01 14:17 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2017-09-01 14:17 - 2017-04-30 18:48 - 000080078 _____ C:\Windows\system32\normidna.nls 2017-09-01 14:17 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2017-09-01 14:17 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2017-09-01 14:17 - 2017-04-16 12:23 - 002176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-09-01 14:17 - 2017-04-16 12:23 - 001662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-09-01 14:17 - 2017-04-16 12:23 - 001063464 _____ (Microsoft Corporation) 
C:\Windows\system32\WinTypes.dll 2017-09-01 14:17 - 2017-04-16 12:18 - 001135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-09-01 14:17 - 2017-04-16 12:18 - 000803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-09-01 14:17 - 2017-04-16 11:07 - 001566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2017-09-01 14:17 - 2017-04-16 11:07 - 001213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-09-01 14:17 - 2017-04-16 11:07 - 000548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-09-01 14:17 - 2017-04-16 11:05 - 000612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-09-01 14:17 - 2017-04-16 10:54 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-09-01 14:17 - 2017-04-16 10:51 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-09-01 14:17 - 2017-04-16 10:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-09-01 14:17 - 2017-04-16 10:16 - 000862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-09-01 14:17 - 2017-04-16 10:10 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-09-01 14:17 - 2017-04-16 10:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-09-01 14:17 - 2017-04-16 10:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-09-01 14:17 - 2017-04-16 10:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-09-01 14:17 - 2017-04-16 09:53 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-09-01 14:17 - 2017-04-16 09:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-09-01 14:17 - 2017-04-16 09:40 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-09-01 14:17 - 2017-04-16 09:37 - 002132992 _____ (Microsoft Corporation) 
C:\Windows\system32\inetcpl.cpl 2017-09-01 14:17 - 2017-04-16 09:29 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-09-01 14:17 - 2017-04-16 09:22 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-09-01 14:17 - 2017-04-16 09:22 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-09-01 14:17 - 2017-04-16 09:12 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-09-01 14:17 - 2017-04-16 09:08 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-09-01 14:17 - 2017-04-10 00:00 - 001548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-09-01 14:17 - 2017-04-10 00:00 - 000388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-09-01 14:17 - 2017-04-06 19:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2017-09-01 14:17 - 2017-04-06 18:46 - 000434688 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-09-01 14:17 - 2017-04-06 18:35 - 001362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2017-09-01 14:17 - 2017-04-06 18:15 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-09-01 14:17 - 2017-04-06 17:44 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2017-09-01 14:17 - 2017-04-02 16:49 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2017-09-01 14:17 - 2017-04-01 01:16 - 001968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-09-01 14:17 - 2017-03-31 23:59 - 001612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-09-01 14:17 - 2017-03-13 18:38 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll 2017-09-01 14:17 - 2017-03-13 18:29 - 002609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2017-09-01 14:17 - 2017-03-13 18:25 - 000285184 _____ (Microsoft Corporation) 
C:\Windows\system32\WsmWmiPl.dll 2017-09-01 14:17 - 2017-03-13 18:13 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll 2017-09-01 14:17 - 2017-03-13 18:07 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2017-09-01 14:17 - 2017-03-13 18:06 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-09-01 14:17 - 2017-03-09 22:52 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2017-09-01 14:17 - 2017-03-09 21:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2017-08-26 19:29 - 2017-09-16 18:56 - 000000000 ____D C:\Users\tony\Documents\Tencent Files 2017-08-26 19:28 - 2017-08-26 19:28 - 000000000 ____D C:\Users\Public\Documents\Tencent 2017-08-26 19:28 - 2017-08-26 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software 2017-08-26 19:28 - 2009-02-18 08:51 - 000018760 _____ C:\Windows\SysWOW64\QQVistaHelper.dll 2017-08-24 20:45 - 2017-08-24 20:45 - 000000000 ____D C:\Program Files\iTunes 2017-08-24 20:44 - 2017-09-16 16:17 - 000000000 ____D C:\Program Files\Common Files\Apple ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-09-22 15:45 - 2016-11-20 18:00 - 000000000 ____D C:\Users\tony\AppData\LocalLow\Mozilla 2017-09-22 15:29 - 2014-03-18 12:03 - 001776918 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-22 15:29 - 2014-03-18 11:25 - 000764340 _____ C:\Windows\system32\perfh007.dat 2017-09-22 15:29 - 2014-03-18 11:25 - 000159160 _____ C:\Windows\system32\perfc007.dat 2017-09-22 15:29 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2017-09-22 15:28 - 2015-08-29 10:58 - 000003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4E614DAB-C428-4A6B-8D63-129E43A2F0CF} 2017-09-22 15:27 - 2015-12-23 18:02 - 000000000 ____D C:\Program Files (x86)\Opera 2017-09-22 15:23 - 2017-04-16 15:14 - 000000378 _____ C:\Windows\Tasks\MAGIX Connector.job 2017-09-22 15:23 - 2016-06-23 20:04 - 000003754 _____ C:\Windows\System32\Tasks\AutoKMS 2017-09-22 15:22 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-21 19:22 - 2017-04-03 19:37 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2017-09-21 18:47 - 2015-08-29 11:14 - 000000000 ____D C:\Users\tony\AppData\Roaming\vlc 2017-09-21 18:36 - 2015-08-29 11:08 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1646258700-1999135678-1155189212-1001 2017-09-18 18:08 - 2015-09-02 20:30 - 129588224 ___SH C:\Users\tony\Downloads\Thumbs.db 2017-09-18 16:08 - 2015-08-29 10:57 - 000000000 ____D C:\Users\tony\AppData\Local\Packages 2017-09-17 20:04 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2017-09-17 19:31 - 2015-10-18 10:32 - 000000000 ____D C:\Users\tony\AppData\Local\JDownloader 2.0 2017-09-16 18:41 - 2016-02-15 17:43 - 000000000 ____D C:\Program Files\CCleaner 2017-09-16 18:25 - 2015-08-30 16:45 - 000000000 ____D C:\Users\tony\AppData\Roaming\WinRAR 2017-09-16 18:22 - 2017-01-12 19:12 - 000000000 ____D C:\ProgramData\ProductData 2017-09-16 16:54 - 2015-09-03 19:49 - 000000000 ____D C:\Program Files (x86)\MAGIX 2017-09-16 16:53 - 2015-09-03 19:50 - 000000000 
___RD C:\Users\tony\Documents\MAGIX 2017-09-16 16:53 - 2015-09-03 19:49 - 000000000 ____D C:\Users\Public\Documents\MAGIX 2017-09-16 16:53 - 2015-09-03 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2017-09-16 16:47 - 2015-12-16 18:32 - 000000000 ____D C:\Users\tony\Desktop\Tor Browser 2017-09-16 16:46 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-16 16:46 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness 2017-09-16 16:26 - 2015-08-29 11:17 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate 2017-09-16 16:18 - 2017-08-22 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com 2017-09-16 16:17 - 2017-02-25 20:21 - 000000000 ____D C:\Users\tony\AppData\Roaming\IrfanView 2017-09-16 16:17 - 2015-12-25 14:57 - 000000000 ____D C:\ProgramData\Apple 2017-09-16 10:07 - 2015-08-29 10:57 - 000000000 ____D C:\Users\tony 2017-09-16 09:52 - 2015-08-29 11:07 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-14 19:07 - 2017-01-12 19:45 - 000000000 ____D C:\Users\tony\AppData\Local\CrashDumps 2017-09-12 18:51 - 2015-12-26 22:41 - 000004468 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-09-12 18:51 - 2015-08-29 20:37 - 000004342 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-12 18:51 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-12 18:51 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-09 19:33 - 2017-08-04 13:59 - 000000000 ____D C:\Users\tony\AppData\Roaming\qBittorrent 2017-09-08 22:58 - 2015-09-04 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-09-05 17:22 - 2016-11-26 20:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-05 17:22 - 2015-08-29 11:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-03 12:30 - 2015-09-04 19:31 - 000176856 _____ (Avira Operations GmbH & 
Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2017-09-03 12:30 - 2015-09-04 19:31 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2017-09-02 09:15 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache 2017-09-01 20:40 - 2016-06-27 18:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-01 14:34 - 2016-05-10 18:25 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2017-09-01 14:34 - 2016-05-10 18:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-09-01 14:34 - 2015-12-30 10:48 - 000741560 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-01 14:33 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData 2017-09-01 14:33 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\PolicyDefinitions 2017-09-01 14:25 - 2015-08-29 13:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-09-01 14:24 - 2016-05-10 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-09-01 14:22 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp 2017-09-01 14:21 - 2015-08-30 19:57 - 000000000 ____D C:\Windows\system32\MRT 2017-09-01 14:21 - 2013-08-22 15:25 - 000000167 _____ C:\Windows\win.ini 2017-09-01 14:20 - 2015-08-30 19:57 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-08-31 19:24 - 2015-12-06 17:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-31 16:27 - 2017-01-12 19:11 - 000000000 ____D C:\ProgramData\Avg 2017-08-31 16:26 - 2017-01-12 19:11 - 000000000 ____D C:\Users\tony\AppData\Local\AvgSetupLog 2017-08-31 16:20 - 2016-07-15 09:10 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-08-31 15:49 - 2017-08-18 15:33 - 000000000 ____D C:\Program Files (x86)\Google 2017-08-31 15:48 - 2016-02-15 17:43 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-08-26 19:50 - 2015-12-29 20:42 - 000000000 ____D 
C:\Users\tony\AppData\Roaming\Tencent 2017-08-26 19:28 - 2015-12-29 20:42 - 000000000 ____D C:\Program Files (x86)\Tencent 2017-08-24 20:41 - 2016-05-14 10:31 - 000000000 ____D C:\ProgramData\WindSolutions ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2009-05-26 09:26 - 2009-05-26 09:26 - 000097336 _____ (Un4seen Developments) C:\Program Files (x86)\bass.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000013872 _____ (Un4seen Developments) C:\Program Files (x86)\basscd.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000102912 _____ (Albert L Faber) C:\Program Files (x86)\CDRip.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000155136 _____ () C:\Program Files (x86)\lame_enc.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Program Files (x86)\No23 Recorder.exe 2009-05-26 09:26 - 2009-05-26 09:26 - 000029184 _____ () C:\Program Files (x86)\no23xwrapper.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000015872 _____ () C:\Program Files (x86)\ogg.dll 2009-04-09 17:08 - 2009-04-09 17:08 - 000001476 _____ () C:\Program Files (x86)\RecConfig.xml 2009-05-26 09:26 - 2009-05-26 09:26 - 000143872 _____ () C:\Program Files (x86)\vorbis.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000064000 _____ () C:\Program Files (x86)\vorbisenc.dll 2009-05-26 09:26 - 2009-05-26 09:26 - 000019456 _____ () C:\Program Files (x86)\vorbisfile.dll 2015-12-29 20:42 - 2015-12-29 20:42 - 000000056 _____ () C:\Users\tony\AppData\Roaming\coreavc.ini 2017-02-18 22:01 - 2017-06-16 15:39 - 000018524 _____ () C:\Users\tony\AppData\Roaming\log.sflog 2017-02-25 20:41 - 2017-02-25 20:41 - 000003584 _____ () C:\Users\tony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-28 08:25 - 2016-03-28 08:25 - 000001454 _____ () C:\Users\tony\AppData\Local\RecConfig.xml 2017-05-13 13:54 - 2017-05-13 13:54 - 000011772 _____ () C:\Users\tony\AppData\Local\recently-used.xbel 2016-05-21 09:48 - 2017-07-19 19:52 - 000000040 ___SH () C:\ProgramData\.zreglib 
2017-02-10 14:56 - 2017-02-10 14:56 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-05-01 13:47 - 2017-05-01 13:47 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Einige Dateien in TEMP:
====================
2014-09-24 00:42 - 2014-09-24 00:42 - 000013824 _____ () C:\Users\tony\AppData\Local\Temp\gkey.exe
2017-09-16 16:17 - 2016-08-21 12:17 - 000138720 _____ (Irfan Skiljan, IrfanView) C:\Users\tony\AppData\Local\Temp\iv_uninstall.exe
2015-04-13 00:04 - 2015-04-13 00:04 - 000027648 _____ () C:\Users\tony\AppData\Local\Temp\pkeyui.exe
2015-04-12 22:08 - 2017-09-17 15:29 - 000050848 _____ () C:\Users\tony\AppData\Local\Temp\wabk.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-13 17:16

==================== Ende von FRST.txt ============================ |
23.09.2017, 07:54 | #3 |
| Logfile Addition FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von tony (22-09-2017 15:48:23)
Gestartet von C:\Users\tony\Downloads
Windows 8.1 (Update) (X64) (2015-08-29 08:57:40)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1646258700-1999135678-1155189212-500 - Administrator - Disabled)
Gast (S-1-5-21-1646258700-1999135678-1155189212-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1646258700-1999135678-1155189212-1004 - Limited - Enabled)
tony (S-1-5-21-1646258700-1999135678-1155189212-1001 - Administrator - Enabled) => C:\Users\tony

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Anti-Twin (Installation 29.08.2015) (HKLM-x32\...\Anti-Twin 2015-08-29 13.26.40) (Version: - Joerg Rosenthal, Germany) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.1.0 - SlySoft) Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG) Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - ) Catalyst Control Center Next Localization BR (HKLM\...\{5643CFCB-ECB4-8F38-4C6E-794F9CB9BDB6}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{1290D845-0675-069A-21F6-AF7B91157922}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{DBBA5556-18DB-35E7-B5B8-77C2F821F66D}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization CS (HKLM\...\{3DAA0DB9-83E9-A0FF-0AE2-30A5145A4DA0}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{5E7A41DF-D1E1-FC64-F6C4-30D276CD45D7}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{78B9CFEE-00CF-7B3E-197F-5B78481C0AE5}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{BB165852-53D6-7CB5-A67F-47C56E96BD2E}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{B3C7690E-99AA-84F2-6BFA-EE260C91342D}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{4C18AE3B-9985-4058-CA9B-8C4FE916CD4F}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{793A2D28-277E-63B5-775E-1C01DBF71E3F}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{7D5F90E3-DD9F-ABE8-5094-4993DCEFE55A}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{E8F8578A-3924-E9B9-5904-DA148C61CB34}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{9369B8C5-8BC8-5267-3250-8FF7C6FCB658}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{CCC33275-AE1F-9AD4-4C52-38FC18220DD4}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{932E6691-759F-9227-30B5-9B8AD513CE15}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6A7C146E-AE92-B9EB-580F-FD92F7A7A9AC}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{C94F6D95-D84E-70C6-6FF1-800D4549B814}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{DFA784B7-3E18-4BB1-6541-F2D6F4E8C93B}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{1541A89F-FF1C-B9FE-FE90-CBB60B4768DA}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{9E26B24A-98E6-BD87-63EF-08F4BD1C82A9}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{AC3CA38B-562B-C8A9-B26F-8BA993CD4F54}) (Version: 2017.0316.1721.29397 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform) Epson Benutzerhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Useg) (Version: - ) Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - ) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION) Epson Netzwerkhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Netg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print 
(HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FileZilla Client 3.24.0 (HKLM-x32\...\FileZilla Client) (Version: 3.24.0 - Tim Kosse) FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version: - ) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) MAGIX Connector (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.55 - simplitec GmbH) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Foto Designer 7 (HKLM\...\{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG) Hidden MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG) MAGIX Music Maker 2013 Premium Soundpools (HKLM\...\{E9C22D9E-F51D-4CE5-959C-2144D8972787}) (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Music Maker 2013 Soundpools (HKLM\...\{BF4C9E0E-A720-46C6-9C23-1E77B17355FB}) (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Soundpool Music Maker - Feel good (HKLM\...\{A4BF76B3-070C-4F49-87AF-C4B6D5EE6A9B}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (MSI) (HKLM\...\{7960D234-68BA-4F77-8016-9D1C16915ABC}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{7960D234-68BA-4F77-8016-9D1C16915ABC}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (HKLM\...\{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) 
(HKLM\...\{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium Update (HKLM\...\{7751963F-7D88-4626-BEFE-9A848F7400B4}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Designelemente) (HKLM\...\{10FF2952-0E0E-48B3-A536-BB112AF2CB51}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Designelemente) (HKLM\...\MX.{10FF2952-0E0E-48B3-A536-BB112AF2CB51}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Filmvorlagen) (HKLM\...\{515110FD-B44B-460B-AC42-63EBF05B6082}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Filmvorlagen) (HKLM\...\MX.{515110FD-B44B-460B-AC42-63EBF05B6082}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Fotoshow Maker-Stile) (HKLM\...\{AD8221A0-591D-4CBE-AA2A-FE0B705D148B}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Fotoshow Maker-Stile) (HKLM\...\MX.{AD8221A0-591D-4CBE-AA2A-FE0B705D148B}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (HKLM\...\{317B58FE-6117-4601-913A-9BA64BCA6535}) (Version: 14.0.0.96 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (HKLM\...\MX.{317B58FE-6117-4601-913A-9BA64BCA6535}) (Version: 14.0.0.96 - MAGIX Software GmbH) MAGIX Video Pro X7 (Individuelle Menüvorlagen) (HKLM\...\{B174182A-7D02-4D1D-9AAE-F210FAF0692D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Individuelle Menüvorlagen) (HKLM\...\MX.{B174182A-7D02-4D1D-9AAE-F210FAF0692D}) (Version: 1.0.0.0 - MAGIX 
Software GmbH) MAGIX Video Pro X7 (Menüvorlagen) (HKLM\...\{585CA335-503C-4237-A4B2-F25F58A83D98}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Menüvorlagen) (HKLM\...\MX.{585CA335-503C-4237-A4B2-F25F58A83D98}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (proDAD Mercalli V4) (HKLM\...\{5941BA8B-E170-4F1F-B42F-90F49E1C07F7}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (proDAD Mercalli V4) (HKLM\...\MX.{5941BA8B-E170-4F1F-B42F-90F49E1C07F7}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Soundtrack Maker-Stile) (HKLM\...\{7B739F29-AB56-4898-92F7-F62816308A19}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Soundtrack Maker-Stile) (HKLM\...\MX.{7B739F29-AB56-4898-92F7-F62816308A19}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Titeleffekte) (HKLM\...\{7384156B-EA84-4910-B4E1-611A83CF1B6E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Titeleffekte) (HKLM\...\MX.{7384156B-EA84-4910-B4E1-611A83CF1B6E}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Überblendeffekte) (HKLM\...\{FACEE989-3F19-486A-AD92-D905EF0B790A}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Überblendeffekte) (HKLM\...\MX.{FACEE989-3F19-486A-AD92-D905EF0B790A}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Designelemente) (HKLM\...\{0F8A6506-BF6B-4876-9A75-B42628EC8A21}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Designelemente) (HKLM\...\MX.{0F8A6506-BF6B-4876-9A75-B42628EC8A21}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 1) (HKLM\...\{198E071A-7480-439C-B89C-02283266E445}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 1) (HKLM\...\MX.{198E071A-7480-439C-B89C-02283266E445}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 2) 
(HKLM\...\{7DEE0B93-30F1-4FF8-BC11-785F1132F34B}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 2) (HKLM\...\MX.{7DEE0B93-30F1-4FF8-BC11-785F1132F34B}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 3) (HKLM\...\{7335C37E-408F-4DC4-8933-CA3ECD90EB9B}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Filmvorlagen 3) (HKLM\...\MX.{7335C37E-408F-4DC4-8933-CA3ECD90EB9B}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Fotoshow Maker-Stile) (HKLM\...\{77E73225-F4FA-45EB-8A6E-63C956600BE2}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Fotoshow Maker-Stile) (HKLM\...\MX.{77E73225-F4FA-45EB-8A6E-63C956600BE2}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Individuelle Menüvorlagen) (HKLM\...\{76F5F102-A3E4-4A75-B692-5C98397B213E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Individuelle Menüvorlagen) (HKLM\...\MX.{76F5F102-A3E4-4A75-B692-5C98397B213E}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Menüvorlagen) (HKLM\...\{F8204A38-51E3-4C1C-A3F1-859D31ADC303}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Menüvorlagen) (HKLM\...\MX.{F8204A38-51E3-4C1C-A3F1-859D31ADC303}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video Pro X7 (Video deluxe - Titeleffekte) (HKLM\...\{C3D96884-356D-4CEE-B2EB-79D91DBC7BB5}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video Pro X7 (Video deluxe - Titeleffekte) (HKLM\...\MX.{C3D96884-356D-4CEE-B2EB-79D91DBC7BB5}) (Version: 1.0.0.0 - MAGIX Software GmbH) Mexicana - Deadly Holiday (HKLM-x32\...\Mexicana - Deadly Holiday_is1) (Version: 1.0 - My World My Apps Ltd.) 
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU 
(HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.0.23 - MAGIX Software GmbH) Hidden Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.0.23 - MAGIX Software GmbH) Music Maker Update (HKLM\...\{39CB0160-A534-40FE-BF01-9D45A9BEEA3B}) (Version: 25.0.0.24 - MAGIX Software GmbH) Hidden NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue) NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH) QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 6.50 - Philipp Winterberg) Shotcut (HKLM-x32\...\Shotcut) (Version: - ) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Universal 
Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Vita 2 (HKLM\...\{E0CF0134-98F1-46CA-87F1-AE887D0CFEFB}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita 2 Zusatzcontent (HKLM\...\{6F97C05E-DC9E-4CE7-9BF4-C6473541069B}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Bass Machine (HKLM\...\{FBE9C9B2-F652-48FC-9770-EFDCE387FB49}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Concert Grand LE (HKLM\...\{52612301-8B97-41AB-B740-CD1CE44305DC}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden Vita Rock Drums (HKLM\...\{0354057E-E123-41F9-B650-1F459D61AF7C}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita String Ensemble (HKLM\...\{2AEAFCA1-7EC4-4097-8A25-C3C5DF366AC6}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita World Percussion (HKLM\...\{69EF0CC4-698D-42B4-84C2-CE4CBA11DE1F}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Windows-Treiberpaket - Google Corporation (androidusb) USB (04/20/2015 1.0.0018.00000) (HKLM\...\5BAEDAE1FDD50B7653C3BF0764CF27189A23603B) (Version: 04/20/2015 1.0.0018.00000 - Google Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (11/28/2013 2.0.0018.00000) (HKLM\...\724A5661585DAD3C707B84BACF43F64B5E070CE5) (Version: 11/28/2013 2.0.0018.00000 - Google, Inc.) Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (06/10/2014 2.11.10.0) (HKLM\...\19CBC797AE23190CD0F3C85E76495B645F0154C4) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. 
) WinRAR 5.50 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) WYSIWYG Web Builder 9 (HKLM-x32\...\WYSIWYG_Web_Builder_9) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-09-03] (Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2013-08-23] () ContextMenuHandlers2: [MyPictures3D] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Keine Datei ContextMenuHandlers2: [Photo! 3D ScreenSaver] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Keine Datei ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers4: [MyPictures3D] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Keine Datei ContextMenuHandlers4: [Photo! 3D ScreenSaver] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Keine Datei ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-16] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-09-03] (Avira Operations GmbH & Co. 
KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0084C63F-6FE8-45CF-88C4-FADECFF5A037} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {010B2B49-53E6-431C-A58C-5DB3691159A5} - System32\Tasks\{C9C6CF9D-9536-4964-9232-8198BFB07061} => C:\Windows\system32\pcalua.exe -a C:\Users\tony\Downloads\ccc\WinEMUSetup.exe -d C:\Users\tony\Downloads\ccc Task: {16B3E7AE-7FB8-48C5-A128-EC312FE82399} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-03-16] (Advanced Micro Devices, Inc.) 
Task: {1DE956D0-3FA9-4262-91CF-83176869A2B9} - \Browsing Secure Updater -> Keine Datei <==== ACHTUNG Task: {25DEECD9-7152-46DE-8AF0-450B7FF6C295} - System32\Tasks\{4473590F-C4E3-4611-B063-E4CA5BA3994F} => C:\Windows\system32\pcalua.exe -a G:\DirectX\dxsetup.exe -d G:\DirectX Task: {2D62A4B4-1C5F-4640-819A-088408BC9B90} - System32\Tasks\{88910A6E-D85E-4F36-999B-E976620EBDEB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\My Pictures 3D\My Pictures 3D Album\mypic3dalbum.exe" Task: {3E2F089E-B041-42C4-A0B5-408E9775A38A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {441F3B0D-D086-4C0B-A41A-721D44F75A29} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-02-29] () Task: {64E665D9-5B4E-402A-863D-C9E17C3A3669} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.) Task: {6C885C66-1EA0-4BA0-B07B-4F54E845E00A} - System32\Tasks\{F333BCDE-AB2A-466A-A3DE-56D89550E247} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe" -d "C:\Program Files (x86)\Azureus" Task: {84F169AC-1DA9-4E89-BE09-344B068EB3D4} - System32\Tasks\{A319FCF4-648C-4340-9668-DD57FF5DBF3D} => C:\Windows\system32\pcalua.exe -a "C:\Users\tony\Downloads\Campfire Legends The Babysitter\Campfire.Legends.The.Babysitter\CampfireLegendsBabysitter.exe" -d "C:\Users\tony\Downloads\Campfire Legends The Babysitter\Campfire.Legends.The.Babysitter" Task: {85143671-479E-4D8A-A9E2-AE74374A0823} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) 
Task: {865DFD5E-CC03-4446-91B5-BF62FD0DB2FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.) Task: {980BD260-D7B7-44D7-A408-B7A5A1D1B25F} - System32\Tasks\{80A6EA62-AFAF-40FF-B816-9284C6D1B2C2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe" Task: {AA62947E-D235-476F-BF41-DFABF60252B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-07] (Piriform Ltd) Task: {B00A65C1-91B3-4848-9AE1-CBC219D8F8F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated) Task: {B138A50D-52BF-4F0D-B150-6B3E8991C359} - System32\Tasks\Opera scheduled Autoupdate 1450886547 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software) Task: {B6FAEE82-13FE-4C00-A55F-B7A60F4E8591} - System32\Tasks\{648C9D9D-7CC6-47BC-8BC6-19AA01948851} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe" -d "C:\Program Files (x86)\Azureus" Task: {BEBD1B82-36AB-4285-9674-F09D0DF62F94} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-12] (Adobe Systems Incorporated) Task: {CFAC10DA-C00D-4079-A58B-9D200FD2492C} - System32\Tasks\MAGIX Connector => C:\Program Files (x86)\MAGIX\Connector\connector.exe [2017-03-17] (MAGIX Software GmbH) Task: {D273AD67-D271-4D6B-BF9C-D09CFD75725B} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => C:\Program Files (x86)\CheckDrive\CheckDrive.exe Task: {D79D79B3-0E86-49FD-BCED-4402135D6FAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F529ECF5-6800-4316-9276-14B01F255115} - System32\Tasks\Adobe Acrobat Update 
Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\MAGIX Connector.job => C:\Program Files (x86)\MAGIX\Connector\connector.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-14 03:20 - 2016-09-14 03:20 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:20 - 2016-09-14 03:20 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-01-13 21:10 - 2017-01-13 21:10 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-08-29 11:07 - 2013-07-04 03:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2017-01-12 19:11 - 2015-12-28 14:49 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-08-29 11:07 - 2017-09-22 15:25 - 000034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-08-29 11:07 - 2013-07-04 03:32 - 000104448 _____ () C:\Program Files 
(x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-07-15 09:10 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-07-15 09:10 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-07-15 09:10 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-07-15 09:10 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-07-15 09:10 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:0B9DC6BB [190] AlternateDataStreams: C:\ProgramData\TEMP:2313511A [372] AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6 [183] AlternateDataStreams: C:\ProgramData\TEMP:4C465B13 [181] AlternateDataStreams: C:\ProgramData\TEMP:667D4A95 [166] AlternateDataStreams: C:\ProgramData\TEMP:75765D7B [186] AlternateDataStreams: C:\ProgramData\TEMP:7C60A173 [113] AlternateDataStreams: C:\ProgramData\TEMP:7E47A57F [174] AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A [132] AlternateDataStreams: C:\ProgramData\TEMP:A19DFC74 [380] AlternateDataStreams: C:\ProgramData\TEMP:B74BD6BF [90] AlternateDataStreams: C:\ProgramData\TEMP:D6A43EB0 [171] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\Software\Classes\.exe: => <==== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info 
-> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7936 mehr Seiten. IE trusted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: 
HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\123simsen.com -> www.123simsen.com Da befinden sich 7936 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2016-07-29 16:32 - 000000892 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "Raptr" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\StartupApproved\Run: => "ACDSeeCommanderPro8" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1646258700-1999135678-1155189212-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{886C3558-77AC-4B06-9ABD-13DA2CA5AAEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{626BE026-44F7-445C-8822-7FA151420553}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DEC9339B-240B-4F36-8445-4169DF3457EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{13E4C373-4417-4C57-A25C-D9F063F252F8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{4CE9A124-E7FD-47AB-8E13-36CD80458F2F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7EBDEF0E-0F04-429D-82FE-E6D2C8621219}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{773BDDDD-4081-4378-9210-33AEB06F7D65}] => (Allow) G:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{B0FB0F43-208B-4BA9-A9A1-BE95677D2DE2}] => (Allow) G:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query User{10D5FCEB-F2FE-40AC-9EC1-FD8B6A6D2CB5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{64FB7C13-CF32-46A4-B7BA-00F61F1AB24F}C:\program files (x86)\epson software\event 
manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{3405BC9E-4400-47B0-8850-FCC68D6E845A}] => (Allow) C:\Program Files\MAGIX\Video Pro X7\Video_Pro_X.exe FirewallRules: [TCP Query User{70123A29-DFFE-4BC9-BBE1-AC1DDB1C929D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{D7E4F623-C3B7-48C2-8BF9-8BA754A36320}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{AB625738-3213-4F5B-9F7A-53E4C1421856}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2DF5F545-7553-45F3-BFB9-D304AD06761A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{95EE1685-9101-41C1-B0EE-43318055E48C}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe FirewallRules: [{83FAC5DD-E950-4F70-B468-CFA12AF56E1F}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe FirewallRules: [{01B9B494-A5D7-4EB6-955E-EAD60807D1A4}] => (Allow) C:\Program Files (x86)\Tencent\QQPlayer\loader\QQLiveDownloader.exe FirewallRules: [{9E2EC2A1-62A3-48AC-AD9F-E7AB3E4A0363}] => (Allow) C:\Program Files (x86)\Tencent\QQPlayer\loader\QQLiveDownloader.exe FirewallRules: [{DE49BCF8-1892-4E47-8EF9-0F474112B43B}] => (Allow) C:\Program Files (x86)\Tencent\QQPlayer\loader\QQPCDownload8880463.exe FirewallRules: [{5A0AD7B1-8683-46AC-9783-86B1807B3D8C}] => (Allow) C:\Program Files (x86)\Tencent\QQPlayer\loader\QQPCDownload8880463.exe FirewallRules: [{303E0873-3B67-4A7E-8970-FB155657183A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{C7A1757D-5C88-473E-B72F-3642FB992023}] => (Allow) C:\program files (x86)\common 
files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{E43A13A4-65ED-44AE-AE23-58A5CE527EE5}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe FirewallRules: [{E76CF803-E59B-4AE9-B1CB-26945FB14114}] => (Allow) C:\Users\tony\AppData\Local\Temp\{0B0DD512-6196-42A5-8E67-33D96089CA30}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe FirewallRules: [{EC587BC0-3F04-4CFD-9632-F4D6C488254C}] => (Allow) C:\Users\tony\AppData\Local\Temp\{0B0DD512-6196-42A5-8E67-33D96089CA30}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe FirewallRules: [{5FF45A36-D693-44CE-B21E-20F3E3D652E1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{86FF357F-E0FF-4776-A9EC-DCC278E20F3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{2389C5A2-FF31-475A-A311-E20628CDE775}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{DD8846FD-E8C6-4D5A-AE9D-571F03036E36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{EC30E7EB-6F6E-4300-B1A9-9F7D8532C702}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe FirewallRules: [{7B8BB990-9E2E-4D82-9205-BE5FD0184BED}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe FirewallRules: [{2D3B102A-BAC6-4054-9CCD-CD07D734E782}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe FirewallRules: [TCP Query User{17766C72-FED4-485A-9AA3-5808633B6F20}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe FirewallRules: [UDP Query User{260847DF-0714-48C6-BAD3-D2422C9AC29E}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] 
=> Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Android Composite ADB Interface Description: Android Composite ADB Interface Class Guid: {f72fe0d4-cbcb-407d-8814-9ed673d0dd6b} Manufacturer: Xiaomi Service: androidusb Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/21/2017 06:36:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (09/18/2017 03:57:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (09/17/2017 04:46:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (09/17/2017 04:40:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (09/17/2017 04:21:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/17/2017 04:21:29 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Xmlbar\FLV Downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (09/17/2017 04:21:28 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/17/2017 04:05:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/17/2017 04:05:55 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Xmlbar\FLV Downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (09/17/2017 04:05:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Systemfehler: ============= Error: (09/22/2017 03:22:43 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error: (09/21/2017 06:37:56 PM) (Source: DCOM) (EventID: 10010) (User: TJT) Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:37:26 PM) (Source: DCOM) (EventID: 10010) (User: TJT) Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (09/21/2017 05:44:09 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error: (09/18/2017 05:59:19 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error: (09/18/2017 05:05:34 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error: (09/18/2017 04:03:41 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "D:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (09/18/2017 03:58:44 PM) (Source: DCOM) (EventID: 10010) (User: TJT) Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/18/2017 03:58:14 PM) (Source: DCOM) (EventID: 10010) (User: TJT) Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (09/18/2017 03:46:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT) Description: 0x8000002a28\??\C:\Users\tony\ntuser.dat ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz Prozentuale Nutzung des RAM: 13% Installierter physikalischer RAM: 16319.15 MB Verfügbarer physikalischer RAM: 14191.33 MB Summe virtueller Speicher: 18751.15 MB Verfügbarer virtueller Speicher: 15932.12 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:238.13 GB) (Free:72.81 GB) NTFS Drive d: (Volume) (Fixed) (Total:488.28 GB) (Free:236.89 GB) NTFS Drive e: (Volume) (Fixed) (Total:488.28 GB) (Free:151.08 GB) NTFS Drive f: (Volume) (Fixed) (Total:488.28 GB) (Free:473.28 GB) NTFS Drive h: (Volume) (Fixed) (Total:1863.01 GB) (Free:498.42 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 67A6F1C2) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C993FAEB) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 1863 GB) (Disk ID: F12A59B5) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
25.09.2017, 12:14 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 8.1: GMX email account hijacked a few days ago, possibly a Trojan on board
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post them directly, spread over several posts if necessary. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
26.09.2017, 14:40 | #5 |
| Question regarding logs: When I have the first log file - it runs to 21 pages. Into how many parts can/should I split it? I am a bit out of my depth here. Many thanks and regards |
26.09.2017, 15:01 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 8.1: GMX email account hijacked a few days ago, possibly a Trojan on board
Please post the avscan log file in code tags...