Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Heitmann Metallhandel Makros Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.12.2015, 17:09   #1
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



Makro Virus Heitman Metallhandel

Hallo, ich habe gestern eine Mail von Heitman Metallhandel bekommen mit einen Anhang als Rechnung in .doc die ich leider geöffnet habe. Wie sich rausgestellt hat war es eine Mail die nichts mit diesem Unternehmen zu tun hatte und ich befürchte, dass ich mir einen Makro Virus eingefangen habe. Ich wäre für jede Hilfe dankbar.




Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:20-12-2015
durchgeführt von Nikos (2015-12-21 16:48:22)
Gestartet von C:\Users\Nikos\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-04-03 17:29:46)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1865184633-4289980622-1215388488-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1865184633-4289980622-1215388488-1002 - Limited - Enabled)
Gast (S-1-5-21-1865184633-4289980622-1215388488-501 - Limited - Disabled)
IUSR_NMPR (S-1-5-21-1865184633-4289980622-1215388488-1003 - Limited - Enabled) => C:\Users\IUSR_NMPR
Nikos (S-1-5-21-1865184633-4289980622-1215388488-1004 - Administrator - Enabled) => C:\Users\Nikos

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12th Century BlackJack 2.1.3  (HKLM\...\12th Century BlackJack) (Version: 2.1.3 - hxxp://www.bksoft.de)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3D-Fahrschule Demo (HKLM\...\3D-Fahrschule Demo) (Version:  - )
3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.8.0720b - Xilisoft)
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ALDI Foto Manager Free Nord (HKLM\...\ALDI Foto Manager Free Nord D) (Version: 3.4.0.466 - MAGIX AG)
ALDI Foto Service Nord (HKLM\...\ALDI Foto Service Nord D) (Version: 1.12.0.93 - MAGIX AG)
ALDI Online Druck Service (Nord) (HKLM\...\ALDI Online Druck Service (Nord)) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version:  - )
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ACHTUNG
Ask Toolbar Updater (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ACHTUNG
Asterix bei den Olympischen Spielen (HKLM\...\Asterix at the Olympic Games) (Version:  - Atari)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
AVIConverter 2.1 (HKLM\...\AVIConverter) (Version: 2.1 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar plus Web Protection (HKLM\...\{41564952-412D-5637-00A7-A758B70C0202}) (Version: 12.2.2.663 - Ask Partner Network)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
BattlEye Uninstall (HKLM\...\BattlEye for A2) (Version:  - )
Bing Bar (HKLM\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Blaze Media Pro (HKLM\...\Blaze Media Pro) (Version:  - Mystik Media)
Blaze Media Pro (Version: 8.0 - Mystik Media) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{0830C2E8-01B9-4CD1-B218-12B0107D5BED}) (Version: 0.9.10 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.02 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D1300 (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D1300_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler 2 - Die nächste Generation - Demoversion (HKLM\...\S2TNGDemo) (Version:  - )
Diercke Globus (HKLM\...\Diercke Globus) (Version: 1.1 - Imagon GmbH)
dolp_demo (HKLM\...\{6CA671A5-954C-4B75-8104-7B085246A8B5}) (Version: 1.0.0.0 - Maze)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD2one V2.2.1 (HKLM\...\DVD2one V2) (Version: 2.2.1 - Eximius B.V.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
EmptyInstaller2 (HKLM\...\{6473B3D0-B05C-4D2F-A7EC-BECB512FCB14}) (Version: 1.0.0.0 - Maze)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
FileConverter 1.3 Toolbar (HKLM\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Find Junk Files (HKLM\...\Find Junk Files) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Fußball WM-Chronik (HKLM\...\InstallShield_{50C5FC87-CDF3-445E-86CE-FE4F7703F075}) (Version: 1.00.0000 - USM)
Fußball WM-Chronik (Version: 1.00.0000 - USM) Hidden
GBalph NDSMovie Converter V1.00 (HKLM\...\{5B4F13B0-62C4-4F70-B9A6-3788196EC972}) (Version: 1.00.0000 - GBalpha)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GSGÂ*eXtract (HKLM\...\GSGÂ*eXtract) (Version:  - )
HP Deskjet & Photosmart Printer Driver Software 8.0.A (HKLM\...\{981DE354-9301-440f-AAFC-025AA2354A93}) (Version: 8.0 - HP)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{9FAAE06C-DEDD-4299-B88D-1F9AD5E1547F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
ImTOO MPEG Encoder (HKLM\...\ImTOO MPEG Encoder) (Version: 3.1.54.0404b - ImTOO)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
JAP (HKLM\...\JAP) (Version: 00.010.003 - JAP-Team)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LibreOffice 4.4.3.2 (HKLM\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
livetvbar Toolbar (HKLM\...\livetvbar Toolbar) (Version:  - )
LookDisk (HKLM\...\LookDisk) (Version:  - )
M3 SAKURA V1.42 European (GAME PATCH V4.5Beta) (HKLM\...\{ADE237A0-0B2B-4009-AE91-3FF0989C28CD}) (Version: 1.4.2 - GBalpha)
M3 SAKURA V1.47 Global (GAME PATCH V4.8b) (HKLM\...\{F3FB33E7-6058-4C95-8FCE-9C0E01EAF946}) (Version: 1.4.7 - GBalpha)
Magical Kingdom (HKLM\...\{E50CE67B-9E1F-4638-AD3A-D33C7889D23E}) (Version: 1.0.0.3 - Maze)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2516 - CyberLink Corp.)
Max Payne 2 (HKLM\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Media Converter SA Edition 0.8 (HKLM\...\Media Converter SA Edition) (Version: 0.8 - Pascal Beyeler)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
MEDION Fotos auf CD Nord (HKLM\...\MEDION Fotos auf CD Nord D) (Version: 6.0.2.0 - MAGIX AG)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version:  - )
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Moorhuhn 3 DL (HKLM\...\{FF895069-BD9A-11D5-986D-00500443CF9F}) (Version:  - )
Moorhuhn Kart 2 XS (HKLM\...\{DDABECD7-C579-4477-8B5F-B817AF54B2DC}) (Version:  - )
MOV Converter 3 (HKLM\...\MOV Converter 3) (Version: 3.1.8.0720b - Xilisoft)
Movavi Video Converter 6 (HKLM\...\{F2DF7839-7B71-4E34-BB8D-552E182082C9}) (Version: 6.03.000 - MOVAVI)
Mozilla Firefox 43.0.1 (x86 de) (HKLM\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MP3 Player Utilities 3.68 (HKLM\...\{5DFDB75C-DA8C-45DB-987C-67000BB6C3B9}) (Version: 1.0.0 - myMPxPlayer.org)
MP3 Player Utilities 4.00 (HKLM\...\{7784A172-61F1-445E-8368-601607E0DD22}) (Version: 4.00 -  )
MP3 Player Utilities 4.15 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.15 -  )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia Lifeblog 2.5 (HKLM\...\{E94603CA-2996-4154-8EE2-A5FCD4BFB500}) (Version: 2.5.224 - Nokia)
Nokia NSeries Application Installer (HKLM\...\{FD349381-D79C-4E5C-8980-015DFFB962D5}) (Version: 6.82.15 - Nokia)
Nokia NSeries Content Copier (HKLM\...\{F779EC8D-6703-4C4A-817C-37B07898E647}) (Version: 6.82.15 - Nokia)
Nokia NSeries One Touch Access (HKLM\...\{F4EE8763-EAA8-4BC1-8594-8501F5F00414}) (Version: 6.82.15 - Nokia)
Nokia NSeries System Utilities (HKLM\...\{96E94E18-54D6-42C1-8FC4-24DACEDC3395}) (Version: 6.82.16 - Nokia)
Nokia Software Launcher (HKLM\...\{A8C856AD-63CD-4613-AA29-E6C85607EA06}) (Version: 1.6.80 - Nokia)
Nokia Software Updater (HKLM\...\{3186AEAE-E104-424D-9152-1BF6A4404758}) (Version: 01.03.085.28569 - Nokia Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
O&O MediaRecovery (HKLM\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice 4.1.1 Language Pack (German) (HKLM\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 9.52 (HKLM\...\{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}) (Version: 9.52 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery)
Phoenix Backup Professional (HKLM\...\{BF34527D-7B27-43AD-9994-7B3ABCEF3625}) (Version: 3.5.000 - SYDATEC)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.0.4310 - CyberLink Corp.)
PixiePack Codec Pack (HKLM\...\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}) (Version: 0.10.6.0 - None)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.2.2504 - CyberLink Corp.)
Prism Video Converter (HKLM\...\Prism) (Version:  - NCH Software)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealArcade (HKLM\...\RealArcade 1.2) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.60 (HKLM\...\Revo Uninstaller) (Version: 1.60 - VS Revo Group)
RonyaSoft CD DVD Label Maker 2.01 (HKLM\...\RonyaSoft CD DVD Label Maker) (Version: 2.01 - RonyaSoft)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version:  - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden
SF_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden
Silverjuke 2.51 (HKLM\...\Silverjuke) (Version: 2.51 - Bjoern Petersen Software Design and Development)
SLD CODEC PACK 1.5.3 (HKLM\...\SLD CODEC PACK 1.5.3) (Version:  - )
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Speckie (HKLM\...\{C1A4F1E2-46E6-4EEE-B183-B10908BEF30F}) (Version: 5.9.1 - Versoworks)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steganos Safe OEM (HKLM\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Stream Torrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version:  - )
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{B23B43B5-DDDC-41DA-9700-F334744E694E}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPER RTL - Clubs 2.1 (HKLM\...\SUPER RTL - Clubs) (Version: 2.1 - SynthiCon AG)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Swift Sound)
System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Systemsteuerung "MobileMe" (HKLM\...\{6DA9102E-199F-43A0-A36B-6EF48081A658}) (Version: 2.1.0.24 - Apple Inc.)
Tobit.Software ClipInc (HKLM\...\Tobit ClipInc Server) (Version:  - Tobit.Software)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Treiber-Studio Heft-Ausgabe 1.5.0.0  (HKLM\...\Treiber-Studio Heft-Ausgabe) (Version: 1.5.0.0 - )
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4916 - CyberLink Corp.)
TVAnts 1.0 (HKLM\...\TVAnts 1.0) (Version:  - )
TVsweeper 3 (HKLM\...\{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}) (Version: 3.0.3 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Videora iPod Converter 3.00 (HKLM\...\Videora iPod Converter) (Version: 3.00 - Red Kawa Inc.)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 4.6.5 - Shark007)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.541  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Mein Geld 2008 Professional (HKLM\...\{D8D22773-14BF-4178-A683-3DBA515C2A26}) (Version: 9.00.01.0023 - Buhl Data Service GmbH)
WISO Sparbuch 2009 (HKLM\...\{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}) (Version: 16.00.6228 - Buhl Data Service GmbH)
WISO Sparbuch 2010 (HKLM\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{E27015CD-CE60-4D7A-A194-1EDB6F0294B8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM\...\{4A07FBD0-6B15-4066-81BE-9C6F56BF3374}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wonderland (HKLM\...\Wonderland) (Version:  - )
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\XBMC) (Version:  - Team XBMC)
Xilisoft DVD Creator (HKLM\...\Xilisoft DVD Creator) (Version: 3.0.39.1212 - Xilisoft)
Xilisoft Video Converter (HKLM\...\Xilisoft Video Converter) (Version: 3.1.34.0629b - Xilisoft)
XMedia Recode 2.0.5.3 (HKLM\...\XMedia Recode) (Version: 2.0.5.3 - Sebastian Dörfler)
XP Codec Pack (HKLM\...\XP Codec Pack) (Version:  - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Suche Schutzvorkehrung (HKLM\...\Yahoo! Search Defender) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\axfbootloader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" => Keine  (Der Dateneintrag hat 5 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.27.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.13\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.26.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

11-12-2015 00:00:07 Geplanter Prüfpunkt
11-12-2015 12:43:10 Windows Update
12-12-2015 11:46:03 Windows Update
13-12-2015 00:00:03 Geplanter Prüfpunkt
13-12-2015 12:23:16 Windows Update
14-12-2015 11:22:35 Windows Update
15-12-2015 00:00:04 Geplanter Prüfpunkt
15-12-2015 10:06:50 Windows Update
16-12-2015 10:54:22 Windows Update
17-12-2015 10:28:17 Windows Update
17-12-2015 21:39:52 Wiederherstellungsvorgang
17-12-2015 21:56:19 Windows Update
18-12-2015 09:18:02 Windows Update
19-12-2015 12:59:54 Windows Update
19-12-2015 18:06:55 Windows Update
19-12-2015 18:16:14 Windows Update
19-12-2015 19:23:52 Windows Update
20-12-2015 03:00:13 Windows Update
21-12-2015 10:41:37 Windows Update
21-12-2015 12:51:45 OpenOffice 4.1.2 wird installiert
21-12-2015 12:54:28 OpenOffice 4.1.2 wird installiert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 11:23 - 2009-02-18 10:26 - 00000054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00BE7185-5F1A-43C0-841C-E8AD68D8BBC4} - System32\Tasks\{10B97F12-AA7F-4903-A405-D74A04A02705} => pcalua.exe -a E:\SetupAssistant.exe -d E:\
Task: {11B0894E-EBCE-4AAB-8F8B-4013E73385A2} - System32\Tasks\{94080AF5-9C42-4005-81E6-24B1E650BC1E} => pcalua.exe -a C:\Users\Nikos\Downloads\unlocker1.8.7.exe -d C:\Users\Nikos\Downloads
Task: {12B11D5D-2993-47F4-9270-46E04933A8CF} - System32\Tasks\{F3E24BE1-F331-4D0D-BD46-503BDEE7717D} => pcalua.exe -a "C:\Users\Nikos\Desktop\ALLES FÃœR NDS\Lunar IPS.exe" -d "C:\Users\Nikos\Desktop\ALLES FÃœR NDS"
Task: {168BA2CF-94D6-474B-B659-3283CB39D762} - System32\Tasks\{240A4E2B-8314-403B-BF24-ADFDFE93354C} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner (2)\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner (2)"
Task: {16E4CC5F-7DF7-4BFC-92C0-9EC968B3B6BF} - System32\Tasks\{00BF5DC6-FDDC-48BF-9017-04EEC67AE43F} => pcalua.exe -a C:\Users\Nikos\Desktop\sw5_6520_eu.exe -d C:\Users\Nikos\Desktop
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {231E0501-6AC1-420F-8A83-EF999F81EAA7} - System32\Tasks\{DF09BE72-43DD-4305-9F7E-A1774FCDB454} => pcalua.exe -a C:\Users\Nikos\Desktop\XMediaRecode2053_setup.exe -d C:\Users\Nikos
Task: {2708CB5F-8F92-4B5C-83A6-E1A97D7E2EF9} - System32\Tasks\{99BABFB4-4F16-4BD4-A05B-BFF67E26FB78} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {2AEABF7F-795C-4666-8B09-18E661369557} - System32\Tasks\{120445C3-D540-456D-8DF0-70E4FF15F2B1} => pcalua.exe -a "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut\Setup.exe" -d "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut"
Task: {321CA7E7-C48A-4A10-8BF4-395321F9A4C8} - System32\Tasks\{B44C65CF-D43C-488A-B75E-A987F4403661} => pcalua.exe -a C:\Users\Nikos\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Nikos
Task: {34533105-4D81-4652-9399-B189F4B2FE73} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {364076C4-05DA-4B85-AD23-C7B6967E5EF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {3BE9D675-0541-42C7-8ACF-D15A48FB9B5E} - System32\Tasks\{A138F0C9-67D3-44F5-BAB5-2B7BD156D5D2} => pcalua.exe -a "C:\Program Files\VistaCodecPack\Tools\InstalledCodec.exe" -d "C:\Program Files\VistaCodecPack\Tools\"
Task: {44D97E15-7636-481C-A83F-EA46F946D820} - System32\Tasks\{4CB191AA-F68D-49DB-A863-211EF758A25A} => pcalua.exe -a C:\PROGRA~1\MICROS~3\Office12\Moc.exe -d "C:\Users\Nikos\Desktop\Neuer Ordner" -c "C:\Users\Nikos\Desktop\Neuer Ordner\PresentationLoad-3D-Vorlagen.pptx"
Task: {515414C4-74D2-47E4-87E5-49E4DC94DA89} - System32\Tasks\{49ACCF4B-A098-495D-B44D-BC8B6B22F590} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5517E4AF-4F3F-4775-A349-68F1318D2020} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-01-03] () <==== ACHTUNG
Task: {55783787-C5DE-4049-A0DC-0F43EF7F6694} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {587F68AD-9635-47E2-B647-17F90CD838D1} - System32\Tasks\{8265807A-6E3A-42BF-87FD-BC6D234158EF} => pcalua.exe -a "C:\Program Files\eRightSoft\SUPER\Setup.exe" -d "C:\Program Files\eRightSoft\SUPER" -c /remove
Task: {6F3BEC83-FEB2-47C9-828E-811D071213FE} - System32\Tasks\{C79FFAE0-15D5-4CD4-A837-C2B4C989D0F7} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\MagicDVDCopier471.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {71439A45-A908-4FBD-9532-01BD7546FF86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {74BDEF06-C4BF-4CB1-BD36-6D638DE3C525} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {76D771A3-F641-4632-86D4-5B046570B782} - System32\Tasks\{A8AD5988-D9CA-4A4E-9720-FE24DC271413} => pcalua.exe -a c:\Users\Nikos\Downloads\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {828A5067-4CE7-4486-A184-C42486F77710} - System32\Tasks\{F097281D-838A-42E8-A844-C8ADA88F8AB9} => pcalua.exe -a J:\OO\DE\OOMediaRecoveryDeu.exe -d J:\OO\DE
Task: {87D918BE-41E3-4159-886B-5A3E0663557E} - System32\Tasks\{6733710C-AD59-4A51-A4E9-EE2E051299F6} => pcalua.exe -a "C:\Program Files\PCast\uninst.exe"
Task: {89654B80-80E6-42EE-8043-724DCFD1FD64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B062C8A-4FBF-4301-810A-2B561E597E27} - System32\Tasks\{B917E915-7176-416B-84AF-BB4B3928F942} => pcalua.exe -a E:\setup.exe -d E:\
Task: {8EAA433D-C477-4212-BD86-11E9CAE95FC6} - System32\Tasks\{68BA138E-CE37-4BB1-AE38-B9D802DE5949} => pcalua.exe -a C:\Users\Nikos\Downloads\mp4_Driver\setup.exe -d C:\Users\Nikos\Downloads\mp4_Driver
Task: {91DD65D7-2879-4B03-844F-CF93A2E889E2} - System32\Tasks\{A4B3955B-0085-4D2A-86DB-84BCC6717498} => pcalua.exe -a c:\Users\Nikos\Downloads\unlocker1.8.6.exe
Task: {A48CC989-C9EC-4341-90FD-D0D66BD5C933} - System32\Tasks\{09C787DC-5B2A-4639-892E-88B38736CBDC} => pcalua.exe -a C:\Windows\system32\BDEADMIN.CPL -c BDE-Verwaltung
Task: {AD4E1F21-77C3-40A8-9D3F-D2B8251EEAFC} - System32\Tasks\{9B8C3F0E-BFA7-487F-A081-B084CCF19051} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner"
Task: {B0669124-F4BB-4830-896B-6DC9B2E67E60} - System32\Tasks\{2485666A-3E32-49BA-A08A-F99057EF1BF1} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B3C8AECE-C0D6-4B02-A53D-5CC394AE0A0C} - System32\Tasks\{DC586420-D732-4F9C-A7A9-B8D002BE913B} => pcalua.exe -a C:\PROGRA~1\MICROS~3\OFFICE11\XLVIEW.EXE -d C:\Users\Nikos\Desktop -c /e
Task: {B708D72F-1990-4815-BD13-E9008EEAC32E} - System32\Tasks\{FF41816C-8E44-41D5-9BEA-B70EEBAD5032} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\XMediaRecode2053_setup.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {BDAA8694-C6F2-4808-9DE1-4CC263839631} - System32\Tasks\{CB70345E-703A-4568-A356-0E6220B64A31} => pcalua.exe -a C:\Users\Nikos\Downloads\Nero-9.2.6.0_trial.exe -d C:\Users\Nikos
Task: {BEBEE22A-268D-4AEA-A761-134B522FDB70} - System32\Tasks\{8E467004-6634-4237-9451-BF9CBACBC7E6} => pcalua.exe -a C:\Users\Nikos\Desktop\Slim1200_de.exe -d C:\Users\Nikos\Desktop
Task: {C0985CF5-FA42-43A9-BED4-F77CF93C4906} - System32\Tasks\{4C1E1956-1384-4CA0-904C-DF3140E27077} => pcalua.exe -a "C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYSQSP8D\GoogleToolbarInstaller[1].exe" -d C:\Users\Nikos
Task: {C0F5EDF9-B795-4E12-B225-F5868EFBC3EA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {CB1FE278-9807-4AE8-B278-E4C6DFF9F439} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)
Task: {DB95491E-2E0B-4DCB-94E4-3281FE7D57E7} - System32\Tasks\{BE3C389D-1E10-4065-9A05-49F75A345419} => pcalua.exe -a C:\Users\Nikos\Desktop\mp4_Driver\setup.exe -d C:\Users\Nikos\Desktop\mp4_Driver
Task: {DF797DFE-3439-456B-9918-DAD666A1ED85} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {EE0B0FF5-AF20-4CCA-8BAE-A4EE63F04AC4} - System32\Tasks\{608EE20C-4384-4796-81DC-0F7910E95E88} => pcalua.exe -a "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net\InstMsiW.exe" -d "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net"
Task: {F81B7673-7CD7-417D-9362-A1058B1731CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Nikos\Downloads\Documents\eBay - Der weltweite Online-Marktplatz.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0&currency_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONload.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionload.de
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONmusic.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionmusic.com
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0&currency_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-06-25 13:17 - 2008-06-07 08:09 - 00022832 _____ () C:\Windows\System32\win2pdfm.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-12-31 13:33 - 2009-12-31 13:33 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ed7d69e2\mscorlib.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f0970aa0\system.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ec1cfc11\system.windows.forms.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3dac4b7b\system.xml.dll
2008-02-19 14:14 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-17 10:31 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-04-27 01:43 - 2008-10-20 21:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2008-02-19 14:32 - 2007-01-09 10:25 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-02-19 15:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2008-04-05 22:13 - 2007-12-12 10:21 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00268504 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
2007-06-27 10:14 - 2007-06-27 10:14 - 00325848 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaserver.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00563416 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_client.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00070872 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaspace.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00219352 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_import.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00041176 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_aggregate.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00030424 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_sync.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00025304 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunisauth.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00104664 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunists.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00088280 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnp.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00026328 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00065240 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00027864 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_xrturi.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00252120 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_zcardea.dll
2010-10-14 11:57 - 2010-10-14 11:57 - 00040960 _____ () C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-01-14 15:59 - 2009-10-07 21:28 - 00200704 _____ () C:\Program Files\ImageConverter Plus\gpgate.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 01183744 _____ () C:\Program Files\ImageConverter Plus\FCRTL.dll
2008-04-04 12:30 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2008-05-02 05:15 - 2008-05-02 05:15 - 00010240 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2008-10-01 14:24 - 2008-10-01 14:24 - 00147456 _____ () C:\Program Files\Steganos Safe OEM\ShellExtension.dll
2005-07-22 07:21 - 2005-07-22 07:21 - 00032768 _____ () C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\AmvTransform.dll
2010-01-14 15:59 - 2009-10-07 21:24 - 01339392 _____ () C:\Program Files\ImageConverter Plus\fcnv.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 06803456 _____ () C:\Program Files\ImageConverter Plus\fpdf.dll
2010-01-14 15:59 - 2009-10-07 21:18 - 00020992 _____ () C:\Program Files\ImageConverter Plus\MemHandler.dll
2008-12-11 09:16 - 2008-12-11 09:16 - 00026112 _____ () C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
2010-10-23 01:53 - 2009-04-07 12:53 - 00030440 _____ () C:\Program Files\dcmsvc\dcmsvc.exe
2010-05-26 01:31 - 2010-04-01 13:09 - 00039936 _____ () C:\Program Files\phonostar-Player\phonostarTimer.exe
2010-05-26 01:31 - 2009-08-13 11:54 - 02013184 _____ () C:\Program Files\phonostar-Player\QtCore4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 07464448 _____ () C:\Program Files\phonostar-Player\QtGui4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 00179712 _____ () C:\Program Files\phonostar-Player\QtSql4.dll
2010-05-26 01:31 - 2009-06-20 07:55 - 00344576 _____ () C:\Program Files\phonostar-Player\plugins\sqldrivers\qsqlite4.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:0B9D8E22
AlternateDataStreams: C:\ProgramData\TEMP:242231A9
AlternateDataStreams: C:\ProgramData\TEMP:4B7BEAFF
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Classes\.exe:  =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\elsteronline.de -> hxxps://www.elsteronline.de

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F3ECBA52-9DCC-47F6-A021-9E923C2C2B01}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{C6812261-0A3C-43C2-8949-9AE5157D671F}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{850CBDDC-B319-41D0-828D-5B182D38EBCB}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{A96BB2BD-409A-42B9-A526-2B3717225E15}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{9D595453-CD4A-4CFF-9FFD-136623996ED8}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{7BF2D859-36AA-4EB2-B71E-A471BCEF5539}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}] => (Allow) LPort=9442
FirewallRules: [{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}] => (Allow) LPort=1900
FirewallRules: [{CF2CDCB5-D2F6-49D4-A33B-5EF67FA9D1DA}] => (Allow) C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe
FirewallRules: [{7F175D14-9107-4174-AD62-766C7D6740C8}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{391F82BA-B271-4FFF-9768-42063CB88C6B}] => (Allow) C:\Program Files\HomeCinema\PowerDVD\PowerDVD.EXE
FirewallRules: [{185FC6A3-2B03-4813-8182-41FD835D1941}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEnhance.exe
FirewallRules: [{ED2CFFBA-B70F-428F-9C7B-416B44412005}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
FirewallRules: [TCP Query User{594F2DEB-9E25-4F0B-9E98-930738E75A4F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A039D724-C852-4BB2-9618-BD6FB4C2394B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D183A532-4BAF-4785-98FD-DA54FC227168}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{B43D804E-6FC9-42E0-BC4B-07748F7B3E8F}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{D87558D8-C545-43F3-B523-6C0990EE1B46}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{7ED35175-BC8F-40D3-88FF-EF4850E2C87A}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{D165D383-F47B-452B-BDC5-04FCC70D4172}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{89897771-CD2B-44BF-812C-6232B5D65788}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{AFAB67EF-B656-4F40-9C6C-9671417FC63A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A3231AEE-CAE4-46C7-A157-017A8E677939}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{BA16A689-B25D-499F-8531-4B40BF0F2C2B}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{AD2E3A6D-A0DB-44A0-B6C7-61E4485683CD}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{29D7F53B-E847-4AB3-801C-D5FFC541F079}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C1201A86-06E2-4863-90B4-03AA7361CB67}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{E1507264-19F0-43EB-A3EF-77242D435ECA}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [UDP Query User{737DE753-82B2-4629-82FF-4F02087B28E5}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [TCP Query User{CC5E1C63-578B-4333-95D9-07B7B384E717}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [UDP Query User{6769E18A-6EFC-4726-A3F7-5CBB61CD132C}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [TCP Query User{BDB3F5D9-831C-4247-81C2-961CEF3E708B}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{5BB4A5B7-393A-49F0-9A8A-D21D088E1E59}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{9B7C19FA-D923-4F11-AAF0-237AEA9F73F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D23F01CA-594F-4C03-B7B6-C57D358541CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{5848E646-13E1-4DC9-80CD-0E8F9732EC59}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{C982022C-A7D1-46FE-BDDE-83E797DAB6CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{8BB77B86-275E-436A-BA43-5FDB65B04446}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{D740A3D4-11A7-4589-897C-8367416022FB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{098A7C6B-0BF2-453B-B70F-CD6F2319B326}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [UDP Query User{4AB7955B-115F-4BE7-9448-C77510362D77}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [TCP Query User{25200373-2AE9-4DB3-8BD7-9632D5260B45}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{33C4E831-53C9-4302-80CE-1C77AD38AFE6}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{4FB1D683-B1F0-475F-8874-892326392BA3}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2972BFAC-EF0F-463A-9764-795C17631725}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{6C0809A0-426D-4330-8A63-809774F297B8}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [UDP Query User{D01EFB15-45F2-4FD9-A082-DF63D020A56B}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [{AFCF677F-2F5D-4C13-A224-7D421F1118CE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EAE71A81-0873-497A-AA9F-FA9650DABE27}] => (Allow) LPort=2869
FirewallRules: [{FC768887-DED2-4A0C-92FE-B5086FCC2932}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{CBD2B1A2-1BFD-44EF-B08D-8F91525089F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{97297122-7FF4-4439-8581-35655C5F5C98}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{52E46CD5-1D18-4AAF-9C1C-9CE50EE19552}] => (Allow) LPort=80
FirewallRules: [{E0F103B8-968D-4BBC-AD28-2FB01CBB97A8}] => (Allow) LPort=80
FirewallRules: [{FA2716BA-9FEB-47B9-91FC-EA990AE17B32}] => (Allow) LPort=80
FirewallRules: [TCP Query User{15C06BC4-4643-4EF0-A3DD-FF924FD04F8D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{2B34AB91-9E92-4F7F-94B1-FEC1A1D3018E}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{7DDFCB58-FB5E-457F-AC35-3233EB654D0F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4F2EADE1-0719-49E9-8BCA-5622DF8B6269}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{7CA83392-865A-446D-BFE0-496A7C4505FF}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{984D0F7D-4EB7-4C0D-B883-6CF2B7625575}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0D70E4CE-EA81-4C40-A763-0C870338BCD9}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{C3248F83-AA59-4556-908C-6B75D4DEA877}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{CD9B2571-4206-4F61-81EF-5A4FDC8E8ED9}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{F091261E-7637-4008-913F-0BB52616B39C}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{1AB9F065-D7BA-42B4-8389-21845D513865}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{FA859A85-2C38-4A4F-961C-A2AE38C11EB9}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{4347CA25-3756-4C02-977B-F0823F8A7015}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{25B3A4C1-24BF-4245-9CCC-C05D5DF8514E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{055126E8-DA11-43EF-BDB7-4037918517EE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{ED908A22-74AD-4FE4-800F-021C77BC5AAF}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{BB4B6292-B3EE-4DB5-A8E5-2C1A8E193826}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{891A0DF7-39C4-4788-A2E5-E6839CFF89C7}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{C58B52A6-C708-43F2-B234-FAB16F3BABC4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{71222D28-6D3B-4409-B1A5-FFDDC2F7115C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A94CDEEB-A61C-40BB-A3DD-DEEBA70F9953}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{EC10BB3F-B228-4A3E-BEBF-C3D094E29693}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41B7C7AE-9FB4-4DBE-BB03-270A93A5A156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CCF94E4-2F3E-4DCC-AEF3-63A4C96028BD}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5B8A4346-3F2F-4ABA-BA78-97FD3E04837C}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5A3EEBA5-8AA7-4F3B-BC5B-678326C70CFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7F06858D-9332-4822-8003-1BF015A67755}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{3425A507-6D5B-4594-A4D0-4CDE5AAF8F5A}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{680EC8A3-B0E1-4A54-915E-2D4EEE78F81E}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [TCP Query User{F7F55C8C-DE9C-49EE-842C-B9F21AEAC413}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{79EC5FE0-F5AD-4F2F-AD48-E3313DF0B4CA}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [{2CDF1437-3AF3-4FA1-B375-C2C3CFEF1D88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D28A83B8-9674-4DE1-AE97-D4DE7344A1E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{73C70069-08AB-4797-9FD2-C84C0BFB9E17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A65FD6B1-AA90-499F-9D27-8A0CD6EE7F40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\PPMate\ppmate.exe] => Enabled:PPMate

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/21/2015 12:52:33 PM) (Source: MsiInstaller) (EventID: 1013) (User: Nikos-PC)
Description: Produkt: OpenOffice 4.1.2 -- Bitte beenden Sie OpenOffice 4.1.2 und den OpenOffice 4.1.2-Schnellstarter, bevor Sie fortfahren. Falls Sie ein Mehrbenutzersystem benutzen, stellen Sie sicher, dass kein anderer Nutzer  OpenOffice 4.1.2 geöffnet hat.

Error: (12/21/2015 10:47:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16723, Zeitstempel 0x5644f76f, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.19514, Zeitstempel 0x561e7b93, Ausnahmecode 0xc0000374, Fehleroffset 0x000b0a78,
Prozess-ID 0x13d0, Anwendungsstartzeit iexplore.exe0.

Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.

Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.

Error: (12/21/2015 10:43:51 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.

Error: (12/21/2015 10:36:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2015 12:46:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\NIKOS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FAOEN3CU.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/20/2015 12:42:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2015 03:02:36 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.

Error: (12/20/2015 03:02:36 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1606.Zugriff auf die Netzwerkadresse "%APPDATA%\" war nicht möglich.


Systemfehler:
=============
Error: (12/21/2015 10:47:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft .NET Framework 1.1 SP1 unter Windows XP, Windows Vista und Windows Server 2008 x86 (KB2833941){343E12E8-8772-4A72-9982-570122E959DB}203

Error: (12/21/2015 10:46:10 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (12/21/2015 10:46:05 AM) (Source: netbt) (EventID: 4321) (User: )
Description: Der Name "NIKOS-PC       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.33
registriert werden. Der Computer mit IP-Adresse 169.254.202.191 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (12/21/2015 10:46:05 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5B99534D-2400-4DC0-9113-8BECB8EC9273} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (12/21/2015 10:46:02 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/21/2015 10:46:01 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/21/2015 10:46:00 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/21/2015 10:45:58 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/21/2015 10:45:57 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/21/2015 10:45:56 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 0015AF5DCF5E wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 1123.36 MB
Summe virtueller Speicher: 6341.89 MB
Verfügbarer virtueller Speicher: 3663.05 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:143.27 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.52 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A2150798)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== Ende vom Addition.txt ============================
         

Alt 21.12.2015, 17:15   #2
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



[CODE]
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:20-12-2015
durchgeführt von Nikos (Administrator) auf NIKOS-PC (21-12-2015 16:46:22)
Gestartet von C:\Users\Nikos\Desktop
Geladene Profile: IUSR_NMPR & Nikos (Verfügbare Profile: IUSR_NMPR & Nikos)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Yahoo! Inc) C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
() C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
() C:\Program Files\dcmsvc\dcmsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\phonostar-Player\phonostarTimer.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\System32\ntvdm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2008-04-03] (Google)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [111936 2008-09-03] (Apple Inc.)
HKLM\...\Run: [SAFEOEM HotKeys] => C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe [26112 2008-12-11] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256 2010-10-14] (RealNetworks, Inc.)
HKLM\...\Run: [dcmsvc] => C:\Program Files\dcmsvc\dcmsvc.exe [30440 2009-04-07] ()
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [Search Protection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [YSearchProtection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-03] (Yahoo! Inc)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [{0D60629E-6757-4B1A-1A32-7835EEAA2F15}] => C:\Users\Nikos\AppData\Roaming\Yhtop\ogirafh.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\RunOnce: [Adobe Speed Launcher] => 1418941746
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-06-22]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk [2010-10-23]
ShortcutTarget: Warner Bros.lnk -> C:\Program Files\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-11-24] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B99534D-2400-4DC0-9113-8BECB8EC9273}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5C3F7A78-9AC4-4A54-B0DF-4F12F7C29A6C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CAD71E9E-1831-483C-B9E3-9F2820B5E4F8}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
URLSearchHook: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1576177
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1576177
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {15003506-EE97-481D-85CA-0AE23947A486} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=23FA1492-7E55-44C2-9AAD-7D29996CCDA4&apn_sauid=0ECEB9CE-D835-48FF-9843-8204B8D5D9E4
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {F57C662B-F287-47DE-900D-3502FF7E098A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23] (Yahoo! Inc.)
BHO: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-14] (RealPlayer)
BHO: Avira SearchFree Toolbar plus Web Protection -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26] (APN LLC.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: FileConverter 1.3 Toolbar -> {78e516ef-11de-47a1-8364-a99b917ec5ee} -> C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
BHO: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Nikos\AppData\Roaming\Speckie\bin32\Speckie32.dll [2013-06-02] (Versoworks Pty Ltd)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO: livetvbar Toolbar -> {ad55c869-668e-457c-b270-0cfb2f61116f} -> C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03] (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll [2010-03-23] (Yahoo! Inc)
Toolbar: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23] (Yahoo! Inc.)
Toolbar: HKLM - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03] (Ask)
Toolbar: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> FileConverter 1.3 Toolbar - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files\FileConverter_1.3\prxtbFile.dll [2011-05-09] (Conduit Ltd.)
DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} hxxps://account.maxdome.de/presentation/script/HWTest.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} hxxp://de.bookmarks.yahoo.com/YbConvFav.CAB
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} hxxp://whkd.dvrdns.org/JpegInst.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default
FF DefaultSearchUrl: hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-10] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF user.js: detected! => C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js [2012-04-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npgcplug.dll [2008-09-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\userlogos.xml [2009-01-06]
FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\webssearches.xml [2015-01-09]
FF Extension: Low Quality Flash - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\low_quality_flash@pie2k.com [2015-05-30]
FF Extension: Greek Translator - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\{A17292E8-DE0B-11DA-BCE2-92ABFC5AF602}.xpi [2015-05-30]
FF Extension: Avira Browser Safety - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\abs@avira(233).com [2015-12-15]
FF Extension: AnyColor - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\anycolor.pavlos256@gmail.com [2010-08-22] [ist nicht signiert]
FF Extension: German Dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] [ist nicht signiert]
FF Extension: Greek Spelling dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\el-GR@dictionaries.addons.mozilla.org [2015-12-19] [ist nicht signiert]
FF Extension: Fast Dial - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\fastdial@telega.phpnet.us [2015-11-21]
FF Extension: Video Downloader Professional - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-05-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: YouTube™ Flash® Player - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-11-28]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2015-12-01]
FF Extension: YesScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\yesscript@userstyles.org.xpi [2015-05-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [ist nicht signiert]
FF Extension: Flash Game Maximizer - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [2015-05-30]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169) [2008-06-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(95) [2011-04-18] [ist nicht signiert]
FF Extension: Flashblock - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-29]
FF Extension: eBay Sidebar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2015-05-30]
FF Extension: NoScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: iMacros for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(132) [2013-09-13] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(123) [2013-09-15] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(133) [2013-09-14] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(881) [2009-04-10] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: GooglePreview - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(68) [2009-05-07] [ist nicht signiert]
FF Extension: FoxLingo - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-11-10] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-12-19] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{ad55c869-668e-457c-b270-0cfb2f61116f} [2015-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-15] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-14] [ist nicht signiert]
FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2013-10-25]

Chrome: 
=======
CHR Profile: C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (a2zLyrics-1) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn [2013-09-14]
CHR Extension: (YouTube) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Google-Suche) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-05]
CHR Extension: (Google Mail) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-07-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-10-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [930944 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1222952 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ClipInc001; C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe [1412608 2008-04-30] () [Datei ist nicht signiert]
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [Datei ist nicht signiert]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2008-04-03] (Google) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
R2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
S3 SoundMovieServer; C:\Windows\system32\snmvtsvc.exe [184320 2008-04-17] (SoundMovieServer) [Datei ist nicht signiert]
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [Datei ist nicht signiert]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert]
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [Datei ist nicht signiert]
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]
S2 BGLiveSvc; "C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe" [X]
S2 BgMainSvc; C:\Program Files\BullGuard Software\BullGuard\BsMain.dll [X]
S2 BsFileScan; C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll [X]
S2 BsMailProxy; C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2008-09-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [50896 2008-04-03] (BullGuard Ltd.)
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com) [Datei ist nicht signiert]
R3 DrmCDriverV32; C:\Windows\System32\drivers\DrmCDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R3 DrmCVideo32; C:\Windows\System32\DRIVERS\DrmCVideo32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2008-02-20] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-09-10] ()
R3 MovRVDrv32; C:\Windows\System32\DRIVERS\MovRVDrv32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R1 SLEE_16_DRIVER; C:\Windows\system32\drivers\Sleen16.sys [79104 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
R3 SndTDriverV32; C:\Windows\System32\drivers\SndTDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-04-27] () [Datei ist nicht signiert]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25088 2007-04-25] (The OpenVPN Project)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [26784 2007-12-11] (RapidSolution Software AG)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [1499648 2008-09-10] (C-Media Electronics Inc)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U3 a4houb3n; C:\Windows\system32\Drivers\a4houb3n.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [Datei ist nicht signiert]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [28160 2008-01-21] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 16:46 - 2015-12-21 16:47 - 00052101 _____ C:\Users\Nikos\Desktop\FRST.txt
2015-12-21 12:57 - 2015-12-21 12:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-12-21 12:47 - 2015-12-21 12:48 - 164803434 _____ C:\Users\Nikos\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-12-21 12:03 - 2015-12-21 16:46 - 00000000 ____D C:\FRST
2015-12-21 12:01 - 2015-12-21 12:01 - 01721344 _____ (Farbar) C:\Users\Nikos\Desktop\FRST.exe
2015-12-19 13:08 - 2015-12-19 15:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-16 20:33 - 2015-12-16 20:33 - 01304503 _____ C:\Users\Nikos\Downloads\Neues aus Uhlenhorst - Elternbrief 2015-12-14.pdf
2015-12-15 18:37 - 2015-12-15 18:37 - 00165905 _____ C:\Users\Nikos\Downloads\Rechnung-201529324-28275.pdf
2015-12-10 11:56 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-10 11:56 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-10 11:56 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-10 11:56 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 11:56 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 11:56 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-10 11:56 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 11:54 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 11:52 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 11:52 - 2015-11-05 08:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 13:30 - 2015-12-10 12:59 - 00322560 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2015.xls
2015-12-09 11:52 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 11:52 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 11:52 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 11:52 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 11:52 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 11:52 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 11:52 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 11:52 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-09 11:52 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 11:52 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-05 22:36 - 2015-12-05 22:36 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_a_install.exe
2015-12-01 13:09 - 2015-12-01 13:09 - 00000000 ____D C:\premium(0)
2015-11-28 22:22 - 2015-11-28 22:22 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_ha_install.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 16:44 - 2012-04-08 19:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-21 16:36 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 16:36 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 16:15 - 2011-10-04 23:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job
2015-12-21 15:52 - 2009-12-19 18:23 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 13:19 - 2009-03-24 10:11 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-12-21 12:58 - 2013-09-02 17:39 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-12-21 12:03 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2015-12-21 10:41 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\ApplicationHistory
2015-12-21 10:40 - 2009-12-19 18:23 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 10:38 - 2014-03-17 23:08 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-21 10:36 - 2009-07-22 16:25 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-21 10:36 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 01:03 - 2008-09-08 17:14 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-12-21 01:03 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-20 01:14 - 2011-10-04 23:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job
2015-12-19 15:39 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-19 13:07 - 2008-10-03 12:31 - 01618774 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 13:07 - 2008-01-21 08:15 - 00702178 _____ C:\Windows\system32\perfh007.dat
2015-12-19 13:07 - 2008-01-21 08:15 - 00158346 _____ C:\Windows\system32\perfc007.dat
2015-12-19 13:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-17 22:18 - 2014-08-20 21:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 22:18 - 2013-08-08 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-17 21:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-17 21:47 - 2008-04-03 18:38 - 00000000 ____D C:\Users\Nikos
2015-12-17 21:47 - 2008-02-20 13:07 - 00000000 ___HD C:\Users\IUSR_NMPR
2015-12-17 21:47 - 2006-11-02 11:22 - 73924608 _____ C:\Windows\system32\config\software_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 47972352 _____ C:\Windows\system32\config\components_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 43778048 _____ C:\Windows\system32\config\system_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Reihe · Business Line
2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\premium
2015-12-17 21:46 - 2012-08-03 19:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-17 21:46 - 2011-10-04 23:40 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-17 21:46 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\TVEnhance
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2015-12-17 21:22 - 2015-01-14 09:28 - 00000000 ____D C:\Users\Nikos\Desktop\willy.tel rechnung
2015-12-16 14:26 - 2012-10-20 19:34 - 00000000 ____D C:\Users\Nikos\Desktop\SINTAGES
2015-12-15 18:36 - 2008-04-04 00:23 - 00000000 ____D C:\Users\Nikos\AppData\Local\Adobe
2015-12-11 13:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-12-11 12:35 - 2006-11-02 13:47 - 00435264 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 12:31 - 2008-06-24 14:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 01:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-12-10 11:58 - 2010-06-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 11:52 - 2013-08-16 08:51 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 11:35 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-09 19:45 - 2014-12-30 23:58 - 00296960 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2014.xls
2015-12-09 14:44 - 2012-04-08 19:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 14:44 - 2011-05-15 15:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-05 19:58 - 2015-01-10 00:57 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-05 19:58 - 2015-01-10 00:57 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-02 13:25 - 2009-10-03 00:54 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-05-25 19:40 - 2010-05-25 19:40 - 145988770 _____ () C:\Program Files\openofficeorg1.cab
2010-05-25 19:43 - 2010-05-25 19:43 - 3099136 _____ () C:\Program Files\openofficeorg32.msi
2010-05-25 19:41 - 2010-05-25 19:41 - 0460088 _____ () C:\Program Files\setup.exe
2010-05-25 18:46 - 2010-05-25 18:46 - 0000290 _____ () C:\Program Files\setup.ini
2012-12-03 18:29 - 2012-12-03 18:29 - 0000288 _____ () C:\Users\Nikos\AppData\Roaming\.backup.dm
2010-05-14 02:38 - 2010-05-14 02:45 - 0001028 _____ () C:\Users\Nikos\AppData\Roaming\AVIEncoder.wff
2008-12-11 21:53 - 2009-01-03 20:59 - 0000000 _____ () C:\Users\Nikos\AppData\Roaming\AVSDVDPlayer.m3u
2008-04-06 19:57 - 2014-03-24 00:25 - 0000196 _____ () C:\Users\Nikos\AppData\Roaming\Default.PLS
2009-01-02 13:24 - 2009-01-04 17:45 - 0081920 _____ () C:\Users\Nikos\AppData\Roaming\ezpinst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0087608 _____ () C:\Users\Nikos\AppData\Roaming\inst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0007887 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.cat
2008-06-05 17:51 - 2011-09-25 20:41 - 0001144 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.inf
2008-06-05 17:51 - 2011-09-25 20:41 - 0000055 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.log
2008-06-05 17:51 - 2011-09-25 20:41 - 0047360 _____ (VSO Software) C:\Users\Nikos\AppData\Roaming\pcouffin.sys
2008-04-03 20:12 - 2013-09-14 11:07 - 0000460 _____ () C:\Users\Nikos\AppData\Roaming\wklnhst.dat
2011-01-19 13:57 - 2015-11-02 19:45 - 0001188 _____ () C:\Users\Nikos\AppData\Local\crc32list11.txt
2008-04-03 23:34 - 2015-07-19 18:01 - 0008268 _____ () C:\Users\Nikos\AppData\Local\d3d9caps.dat
2008-04-04 22:21 - 2015-11-03 13:37 - 0146432 _____ () C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-04-03 18:39 - 2008-04-03 18:39 - 0000093 _____ () C:\Users\Nikos\AppData\Local\fusioncache.dat
2008-05-19 11:27 - 2008-05-19 11:27 - 0000022 _____ () C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
2008-04-08 17:59 - 2008-04-08 17:59 - 0000305 _____ () C:\ProgramData\addr_file.html
2008-04-03 19:18 - 2010-01-22 19:35 - 0021183 _____ () C:\ProgramData\hpzinstall.log
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.001
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.dat
2008-04-25 20:34 - 2008-04-25 20:34 - 0004977 _____ () C:\ProgramData\ywasvxup.hvs

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\dcmsvcsetup.exe
C:\Users\Public\invokesi.exe


Einige Dateien in TEMP:
====================
C:\Users\Nikos\AppData\Local\Temp\AskSLib.dll
C:\Users\Nikos\AppData\Local\Temp\avgnt.exe
C:\Users\Nikos\AppData\Local\Temp\GdiPlus.dll
C:\Users\Nikos\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Nikos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Nikos\AppData\Local\Temp\sfextra.dll
C:\Users\Nikos\AppData\Local\Temp\tbedrs.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-21 10:50

==================== Ende vom FRST.txt ============================
         
--- --- ---
__________________


Alt 29.12.2015, 21:52   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 30.12.2015, 13:11   #4
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

TDSS Scan



Hallo Jürgen , herzlichen Dank das du mir bei meinem Problem helfen möchtest. Ich habe den Scan ausgeführt und stelle das Ergebnis hier ein.
Code:
ATTFilter
12:58:38.0357 0x1298  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:58:58.0622 0x1298  ============================================================
12:58:58.0622 0x1298  Current date / time: 2015/12/30 12:58:58.0622
12:58:58.0622 0x1298  SystemInfo:
12:58:58.0622 0x1298  
12:58:58.0622 0x1298  OS Version: 6.0.6002 ServicePack: 2.0
12:58:58.0622 0x1298  Product type: Workstation
12:58:58.0637 0x1298  ComputerName: NIKOS-PC
12:58:58.0637 0x1298  UserName: Nikos
12:58:58.0637 0x1298  Windows directory: C:\Windows
12:58:58.0637 0x1298  System windows directory: C:\Windows
12:58:58.0637 0x1298  Processor architecture: Intel x86
12:58:58.0637 0x1298  Number of processors: 4
12:58:58.0637 0x1298  Page size: 0x1000
12:58:58.0637 0x1298  Boot type: Normal boot
12:58:58.0637 0x1298  ============================================================
12:58:59.0355 0x1298  KLMD registered as C:\Windows\system32\drivers\34945187.sys
12:58:59.0823 0x1298  System UUID: {EFFC1020-C4F3-1FC1-CC30-B017428EE614}
12:59:00.0837 0x1298  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:59:00.0915 0x1298  ============================================================
12:59:00.0915 0x1298  \Device\Harddisk0\DR0:
12:59:00.0915 0x1298  MBR partitions:
12:59:00.0915 0x1298  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37B83800
12:59:00.0946 0x1298  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34
12:59:00.0946 0x1298  ============================================================
12:59:01.0009 0x1298  C: <-> \Device\Harddisk0\DR0\Partition1
12:59:01.0055 0x1298  D: <-> \Device\Harddisk0\DR0\Partition2
12:59:01.0055 0x1298  ============================================================
12:59:01.0055 0x1298  Initialize success
12:59:01.0055 0x1298  ============================================================
13:00:29.0026 0x07cc  ============================================================
13:00:29.0026 0x07cc  Scan started
13:00:29.0026 0x07cc  Mode: Manual; SigCheck; TDLFS; 
13:00:29.0026 0x07cc  ============================================================
13:00:29.0026 0x07cc  KSN ping started
13:00:31.0881 0x07cc  KSN ping finished: true
13:00:35.0375 0x07cc  ================ Scan system memory ========================
13:00:35.0375 0x07cc  System memory - ok
13:00:35.0375 0x07cc  ================ Scan services =============================
13:00:35.0578 0x07cc  [ 651C54AC4EC5C5397C5AFF5D575CA45B, FDEC7CB01158981A6093C72F6E57246FACD02F8BC53481EEF08124A045BCB512 ] 3xHybrid        C:\Windows\system32\DRIVERS\3xHybrid.sys
13:00:35.0921 0x07cc  3xHybrid - ok
13:00:35.0999 0x07cc  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:00:36.0046 0x07cc  ACPI - ok
13:00:36.0187 0x07cc  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:00:36.0218 0x07cc  AdobeARMservice - ok
13:00:36.0343 0x07cc  [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:00:36.0389 0x07cc  AdobeFlashPlayerUpdateSvc - ok
13:00:36.0499 0x07cc  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:00:36.0592 0x07cc  adp94xx - ok
13:00:36.0655 0x07cc  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:00:36.0686 0x07cc  adpahci - ok
13:00:36.0733 0x07cc  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:00:36.0748 0x07cc  adpu160m - ok
13:00:36.0779 0x07cc  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:00:36.0811 0x07cc  adpu320 - ok
13:00:36.0857 0x07cc  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:00:36.0998 0x07cc  AeLookupSvc - ok
13:00:37.0060 0x07cc  [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD             C:\Windows\system32\drivers\afd.sys
13:00:37.0154 0x07cc  AFD - ok
13:00:37.0216 0x07cc  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:00:37.0247 0x07cc  agp440 - ok
13:00:37.0294 0x07cc  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:00:37.0325 0x07cc  aic78xx - ok
13:00:37.0435 0x07cc  [ CF86F64A1AEA27E5FA97E697BF70346D, 51B5C707AEC67C9686925567710F70C62AE8CD640B132A05BA51A446E10D873E ] AlertService    C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
13:00:37.0466 0x07cc  AlertService - ok
13:00:37.0497 0x07cc  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
13:00:37.0653 0x07cc  ALG - ok
13:00:37.0684 0x07cc  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
13:00:37.0715 0x07cc  aliide - ok
13:00:37.0731 0x07cc  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:00:37.0762 0x07cc  amdagp - ok
13:00:37.0778 0x07cc  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
13:00:37.0793 0x07cc  amdide - ok
13:00:37.0840 0x07cc  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
13:00:37.0903 0x07cc  AmdK7 - ok
13:00:37.0934 0x07cc  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:00:37.0981 0x07cc  AmdK8 - ok
13:00:38.0105 0x07cc  [ D1CC2C50CC47D9973E801567418EA41D, D217D6978FE9EBDFED5C4970F8EB2474450E0376FA65FE6243C1CCCD3075A18D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
13:00:38.0215 0x07cc  AntiVirMailService - ok
13:00:38.0277 0x07cc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:00:38.0339 0x07cc  AntiVirSchedulerService - ok
13:00:38.0480 0x07cc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:00:38.0542 0x07cc  AntiVirService - ok
13:00:38.0651 0x07cc  [ 5B948452C2BADBD7C6575E0CC29AE80B, 7236A776531D1245BE567C6ACA1C578F41457D7A0B717C2DEDA433FF6FF4D1CE ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:00:38.0807 0x07cc  AntiVirWebService - ok
13:00:38.0917 0x07cc  [ D41231AECFEE88973D56AEC2EE5B962D, BB41C9E436186155E5340780564FC52A36481E474C42965B5BBC57B6C42ADA38 ] APNMCP          C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
13:00:38.0948 0x07cc  APNMCP - ok
13:00:39.0010 0x07cc  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
13:00:39.0088 0x07cc  Appinfo - ok
13:00:39.0322 0x07cc  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:00:39.0338 0x07cc  Apple Mobile Device - ok
13:00:39.0385 0x07cc  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
13:00:39.0416 0x07cc  arc - ok
13:00:39.0494 0x07cc  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:00:39.0525 0x07cc  arcsas - ok
13:00:39.0603 0x07cc  [ E54E27976E2C5A6465D44C10B1D87AC0, B410F9D324633E14019B6762D1E61B69F365BDB318AA24A516FCA662E0502293 ] ASPI            C:\Windows\System32\DRIVERS\ASPI32.sys
13:00:39.0634 0x07cc  ASPI - detected UnsignedFile.Multi.Generic ( 1 )
13:00:42.0536 0x07cc  Detect skipped due to KSN trusted
13:00:42.0536 0x07cc  ASPI - ok
13:00:42.0661 0x07cc  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:00:42.0770 0x07cc  aspnet_state - ok
13:00:42.0848 0x07cc  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:00:42.0895 0x07cc  AsyncMac - ok
13:00:42.0957 0x07cc  [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:00:42.0973 0x07cc  atapi - ok
13:00:43.0051 0x07cc  [ 3C4B9850A2631C2263507400D029057B, A3DFF043B92C2F8C533BA609FB9FB20CF132E9D516449877CC2EDD75F1D6BC5C ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
13:00:43.0097 0x07cc  atksgt - ok
13:00:43.0207 0x07cc  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:00:43.0300 0x07cc  AudioEndpointBuilder - ok
13:00:43.0316 0x07cc  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:00:43.0347 0x07cc  Audiosrv - ok
13:00:43.0409 0x07cc  [ 0F0030B2C9AABCC8D1E70F1A1E9674D8, B4384E3F0BE7E68630212A7D81CD171233BB242F9720893638D0A6B496F98E6C ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:00:43.0441 0x07cc  avgntflt - ok
13:00:43.0503 0x07cc  [ 48C94CD2D3DC713C2DF1BBA93386F4CB, 20DFAAEAF8F81F84A9F5614ECEBCED0D08BBB6874078BC32D53273F064A0103A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:00:43.0534 0x07cc  avipbb - ok
13:00:43.0643 0x07cc  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
13:00:43.0675 0x07cc  Avira.ServiceHost - ok
13:00:43.0753 0x07cc  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:00:43.0768 0x07cc  avkmgr - ok
13:00:43.0940 0x07cc  [ A2494901E7226B356B8C1005C45F1C5F, A4A7076D40B012BB415C4B661B8C45671B853330746E278D080EC96596EEECBE ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
13:00:43.0971 0x07cc  BBSvc - ok
13:00:44.0080 0x07cc  [ 63B1CBBAE4790B5BAC98F01BF9449722, 0A49B9FCEF33B38132B0AB8A9D7591A46856E82BC2123841E27A895817D92695 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
13:00:44.0127 0x07cc  BBUpdate - ok
13:00:44.0143 0x07cc  [ 49EA1829AD8FE3BC7E56B81EC4922BE5, 43A79CEB613D04F6F67D40D57935CF4CC86C0A7EFD4487BD147463DE299C0602 ] BdFileSpy       C:\Windows\system32\drivers\BdFileSpy.sys
13:00:44.0174 0x07cc  BdFileSpy - ok
13:00:44.0221 0x07cc  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:00:44.0267 0x07cc  Beep - ok
13:00:44.0345 0x07cc  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
13:00:44.0470 0x07cc  BFE - ok
13:00:44.0470 0x07cc  BGLiveSvc - ok
13:00:44.0501 0x07cc  BgMainSvc - ok
13:00:44.0735 0x07cc  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
13:00:44.0860 0x07cc  BITS - ok
13:00:44.0891 0x07cc  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:00:44.0969 0x07cc  blbdrive - ok
13:00:45.0079 0x07cc  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:00:45.0172 0x07cc  Bonjour Service - ok
13:00:45.0219 0x07cc  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:00:45.0313 0x1770  Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
13:00:45.0391 0x07cc  bowser - ok
13:00:45.0469 0x07cc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:00:45.0547 0x07cc  BrFiltLo - ok
13:00:45.0578 0x07cc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:00:45.0640 0x07cc  BrFiltUp - ok
13:00:45.0749 0x07cc  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
13:00:45.0843 0x07cc  Browser - ok
13:00:45.0874 0x07cc  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:00:46.0155 0x07cc  Brserid - ok
13:00:46.0171 0x07cc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:00:46.0264 0x07cc  BrSerWdm - ok
13:00:46.0280 0x07cc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:00:46.0358 0x07cc  BrUsbMdm - ok
13:00:46.0373 0x07cc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:00:46.0451 0x07cc  BrUsbSer - ok
13:00:46.0483 0x07cc  BsFileScan - ok
13:00:46.0483 0x07cc  BsMailProxy - ok
13:00:46.0514 0x07cc  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:00:46.0561 0x07cc  BTHMODEM - ok
13:00:46.0623 0x07cc  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
13:00:46.0732 0x07cc  BthServ - ok
13:00:46.0763 0x07cc  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:00:46.0795 0x07cc  cdfs - ok
13:00:46.0826 0x07cc  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:00:46.0857 0x07cc  cdrom - ok
13:00:46.0888 0x07cc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
13:00:46.0935 0x07cc  CertPropSvc - ok
13:00:46.0982 0x07cc  [ 4798C1AD22BAF6FF25451E2194E034D1, 1E2DD8EB6CC1095F8113448724354567AA8CEAC269391CC72B7ADCBF657CD53A ] CH341SER        C:\Windows\system32\Drivers\CH341SER.SYS
13:00:47.0013 0x07cc  CH341SER - detected UnsignedFile.Multi.Generic ( 1 )
13:00:48.0667 0x1770  Object send P2P result: true
13:00:48.0667 0x1770  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
13:00:49.0868 0x07cc  Detect skipped due to KSN trusted
13:00:49.0868 0x07cc  CH341SER - ok
13:00:50.0086 0x07cc  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:00:50.0164 0x07cc  circlass - ok
13:00:50.0258 0x07cc  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
13:00:50.0273 0x07cc  CLFS - ok
13:00:50.0383 0x07cc  ClipInc001 - ok
13:00:50.0492 0x07cc  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:00:50.0507 0x07cc  clr_optimization_v2.0.50727_32 - ok
13:00:50.0554 0x07cc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:00:50.0773 0x07cc  clr_optimization_v4.0.30319_32 - ok
13:00:50.0788 0x07cc  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:00:50.0819 0x07cc  cmdide - ok
13:00:50.0866 0x07cc  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:00:50.0882 0x07cc  Compbatt - ok
13:00:50.0897 0x07cc  COMSysApp - ok
13:00:50.0944 0x07cc  [ 75FA19142531CBF490770C2988A7DB64, C673F2EED5D0EED307A67119D20A91C8818A53A3CB616E2984876B07E5C62547 ] cpuz134         C:\Windows\system32\drivers\cpuz134_x32.sys
13:00:50.0975 0x07cc  cpuz134 - ok
13:00:50.0991 0x07cc  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:00:51.0022 0x07cc  crcdisk - ok
13:00:51.0038 0x07cc  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
13:00:51.0085 0x07cc  Crusoe - ok
13:00:51.0178 0x07cc  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:00:51.0241 0x07cc  CryptSvc - ok
13:00:51.0303 0x07cc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:00:51.0459 0x07cc  DcomLaunch - ok
13:00:51.0506 0x07cc  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:00:51.0615 0x07cc  DfsC - ok
13:00:51.0755 0x07cc  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
13:00:51.0818 0x1770  Object send P2P result: true
13:00:51.0818 0x1770  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
13:00:51.0958 0x07cc  DFSR - ok
13:00:52.0052 0x07cc  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:00:52.0114 0x07cc  Dhcp - ok
13:00:52.0208 0x07cc  [ 2C56880D37785CF2C07B0309CEBB0A7D, 872A32C15492B6885DEDCCD7A7557FCBE0B049875A60C83969A6DA0EA6DA4528 ] DHTRACE         C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
13:00:52.0223 0x07cc  DHTRACE - ok
13:00:52.0286 0x07cc  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
13:00:52.0317 0x07cc  disk - ok
13:00:52.0411 0x07cc  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:00:52.0489 0x07cc  Dnscache - ok
13:00:52.0535 0x07cc  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
13:00:52.0598 0x07cc  dot3svc - ok
13:00:52.0676 0x07cc  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
13:00:52.0754 0x07cc  DPS - ok
13:00:52.0816 0x07cc  [ 28B42D80CE943A98C6BCEA67263CBDFF, 4368D630D3A5919C78C9C6311807F6B1A53F6A8B023433272151CE229923FC8D ] DQLWinService   C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
13:00:52.0863 0x07cc  DQLWinService - detected UnsignedFile.Multi.Generic ( 1 )
13:00:52.0925 0x02a8  Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
13:00:54.0829 0x1770  Object send P2P result: true
13:00:55.0858 0x07cc  Detect skipped due to KSN trusted
13:00:55.0858 0x07cc  DQLWinService - ok
13:00:55.0921 0x07cc  [ C88EAD1E773C444F6ABBA21D01A83408, 1673A65615C0FF1F21898AF018970A33F80120397CDED26554FCDC91F03378FA ] DrmCDriverV32   C:\Windows\system32\drivers\DrmCDriverV32.sys
13:00:55.0936 0x07cc  DrmCDriverV32 - ok
13:00:55.0967 0x07cc  [ CB48C23769C56977EC3DE6DF0C6DBB8C, ADDD846C1AF8BEDE2370A99C46C2A0AF8348DCF6B2BD29568E0E16A36E3E079D ] DrmCVideo32     C:\Windows\system32\DRIVERS\DrmCVideo32.sys
13:00:55.0983 0x07cc  DrmCVideo32 - ok
13:00:56.0030 0x07cc  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:00:56.0077 0x02a8  Object send P2P result: true
13:00:56.0092 0x07cc  drmkaud - ok
13:00:56.0155 0x07cc  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:00:56.0264 0x07cc  DXGKrnl - ok
13:00:56.0342 0x07cc  [ 476D9F2F0789CDE89ACEE2A2FB21EC5A, ADE01C948B0DEF4B7C4D20C5548CC58CDB61DF7C4DA7F5CE3D21564806046D51 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
13:00:56.0389 0x07cc  e1express - ok
13:00:56.0513 0x07cc  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
13:00:56.0560 0x07cc  E1G60 - ok
13:00:56.0591 0x07cc  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
13:00:56.0607 0x07cc  EapHost - ok
13:00:56.0685 0x07cc  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:00:56.0701 0x07cc  Ecache - ok
13:00:56.0779 0x07cc  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:00:56.0857 0x07cc  ehRecvr - ok
13:00:56.0872 0x07cc  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
13:00:56.0935 0x07cc  ehSched - ok
13:00:56.0950 0x07cc  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
13:00:56.0997 0x07cc  ehstart - ok
13:00:57.0044 0x07cc  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:00:57.0091 0x07cc  elxstor - ok
13:00:57.0169 0x07cc  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:00:57.0247 0x07cc  EMDMgmt - ok
13:00:57.0278 0x07cc  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:00:57.0371 0x07cc  ErrDev - ok
13:00:57.0465 0x07cc  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
13:00:57.0574 0x07cc  EventSystem - ok
13:00:57.0605 0x07cc  ewusbnet - ok
13:00:57.0637 0x07cc  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
13:00:57.0683 0x07cc  ew_hwusbdev - ok
13:00:57.0746 0x07cc  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:00:57.0824 0x07cc  exfat - ok
13:00:57.0855 0x07cc  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:00:57.0902 0x07cc  fastfat - ok
13:00:57.0902 0x07cc  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:00:57.0995 0x07cc  fdc - ok
13:00:58.0027 0x07cc  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
13:00:58.0073 0x07cc  fdPHost - ok
13:00:58.0105 0x07cc  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:00:58.0183 0x07cc  FDResPub - ok
13:00:58.0229 0x07cc  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:00:58.0245 0x07cc  FileInfo - ok
13:00:58.0261 0x07cc  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:00:58.0307 0x07cc  Filetrace - ok
13:00:58.0463 0x07cc  [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe
13:00:58.0682 0x07cc  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
13:01:01.0646 0x07cc  Detect skipped due to KSN trusted
13:01:01.0646 0x07cc  FirebirdServerMAGIXInstance - ok
13:01:01.0661 0x07cc  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:01:01.0708 0x07cc  flpydisk - ok
13:01:01.0802 0x07cc  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:01:01.0833 0x07cc  FltMgr - ok
13:01:01.0958 0x07cc  [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache       C:\Windows\system32\FntCache.dll
13:01:02.0145 0x07cc  FontCache - ok
13:01:02.0223 0x07cc  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:01:02.0254 0x07cc  FontCache3.0.0.0 - ok
13:01:02.0317 0x07cc  [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
13:01:02.0379 0x07cc  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
13:01:05.0265 0x07cc  Detect skipped due to KSN trusted
13:01:05.0265 0x07cc  FsUsbExDisk - ok
13:01:05.0312 0x07cc  [ 96633419F4A1E37ACB89B45EBCCFE001, 53DC59D8EB89F380BC2DBB009EDFFD66552D68B8606187A75FEF64707267E4F9 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
13:01:05.0359 0x07cc  FsUsbExService - ok
13:01:05.0405 0x07cc  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:01:05.0468 0x07cc  Fs_Rec - ok
13:01:05.0483 0x07cc  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:01:05.0515 0x07cc  gagp30kx - ok
13:01:05.0577 0x07cc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
13:01:05.0593 0x07cc  GEARAspiWDM - ok
13:01:05.0639 0x07cc  [ 51B2D8629E1A0F463682F365D56325CB, A0D5290F1D30AF12305F54DAB46F94FB63BF902E7B9238352E5EC3A9ED42C184 ] GnabService     c:\program files\common files\gnab\service\servicecontroller.exe
13:01:05.0671 0x07cc  GnabService - detected UnsignedFile.Multi.Generic ( 1 )
13:01:08.0635 0x07cc  Detect skipped due to KSN trusted
13:01:08.0635 0x07cc  GnabService - ok
13:01:08.0775 0x07cc  [ 33EFD5039EA1BFA623D8BB9FB787CB0F, 5A89579BBA9EFE973054CE3485B9D6319D5D04A0411C8233AD7B926F05F8CC8F ] GoogleDesktopManager C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
13:01:08.0853 0x07cc  GoogleDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
13:01:11.0770 0x07cc  Detect skipped due to KSN trusted
13:01:11.0770 0x07cc  GoogleDesktopManager - ok
13:01:12.0067 0x07cc  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
13:01:12.0191 0x07cc  gpsvc - ok
13:01:12.0285 0x07cc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
13:01:12.0332 0x07cc  gupdate - ok
13:01:12.0379 0x07cc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
13:01:12.0394 0x07cc  gupdatem - ok
13:01:12.0503 0x07cc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:01:12.0535 0x07cc  gusvc - ok
13:01:12.0597 0x07cc  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:01:12.0644 0x07cc  HdAudAddService - ok
13:01:12.0706 0x07cc  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:01:12.0815 0x07cc  HDAudBus - ok
13:01:12.0862 0x07cc  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:01:12.0940 0x07cc  HidBth - ok
13:01:12.0971 0x07cc  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:01:13.0049 0x07cc  HidIr - ok
13:01:13.0081 0x07cc  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
13:01:13.0127 0x07cc  hidserv - ok
13:01:13.0143 0x07cc  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:01:13.0174 0x07cc  HidUsb - ok
13:01:13.0190 0x07cc  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:01:13.0237 0x07cc  hkmsvc - ok
13:01:13.0252 0x07cc  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
13:01:13.0283 0x07cc  HpCISSs - ok
13:01:13.0393 0x07cc  [ 682358F730B84B63E09C6B4EDC1DE7AE, D05287004BABA571005C435CB643081DDC60E1CC0362A1BEB04E01E945BD2001 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:01:13.0424 0x07cc  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:16.0778 0x07cc  Detect skipped due to KSN trusted
13:01:16.0778 0x07cc  hpqcxs08 - ok
13:01:16.0840 0x07cc  [ 2E7BEE4AA776CF1C37836B26D1D29403, 14763BD5936A059F91FF5EBE5E6535FE4C9B351DF3D3BD8C248DDA3642AE64C5 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:01:16.0918 0x07cc  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:01:19.0711 0x07cc  Detect skipped due to KSN trusted
13:01:19.0711 0x07cc  hpqddsvc - ok
13:01:19.0757 0x07cc  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:01:19.0835 0x07cc  HTTP - ok
13:01:19.0913 0x07cc  [ 2F23ABA465B24A57E8664A124A53CC15, E2B5A605E4E4B71AA57D0911A60B277E1787D6C5D8EDED767A6BCBCF46B26893 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
13:01:20.0007 0x07cc  huawei_enumerator - ok
13:01:20.0054 0x07cc  hwdatacard - ok
13:01:20.0085 0x07cc  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
13:01:20.0116 0x07cc  i2omp - ok
13:01:20.0210 0x07cc  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:01:20.0257 0x07cc  i8042prt - ok
13:01:20.0350 0x07cc  [ 9BCF5972C941B4B5CB60DED03CB9E300, 96D9410DA54DEC58A440F30F1FD426BDA959A9DF29882EA53EC4FE8F8DF315E9 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
13:01:20.0428 0x07cc  IAANTMON - ok
13:01:20.0459 0x07cc  [ 28AAE599496B4930B3F19026F2083BC4, 7C3531D645E5DA86C62C1CB9256450A19D27A454D89ECF5AE7AF9820B89553E8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:01:20.0475 0x07cc  iaStor - ok
13:01:20.0506 0x07cc  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
13:01:20.0584 0x07cc  iaStorV - ok
13:01:20.0709 0x07cc  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
13:01:20.0756 0x07cc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:01:23.0564 0x07cc  Detect skipped due to KSN trusted
13:01:23.0564 0x07cc  IDriverT - ok
13:01:23.0720 0x07cc  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:01:23.0876 0x07cc  idsvc - ok
13:01:23.0907 0x07cc  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:01:23.0923 0x07cc  iirsp - ok
13:01:24.0001 0x07cc  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:01:24.0157 0x07cc  IKEEXT - ok
13:01:24.0172 0x07cc  IntcAzAudAddService - ok
13:01:24.0203 0x07cc  [ 7F440F8CED849FCDFA85BB3521B4F048, 1E2B295DE14B7DD704D637546F164CCCF068755227A0FBE30C14044A731FFFF5 ] IntelDH         C:\Windows\system32\Drivers\IntelDH.sys
13:01:24.0281 0x07cc  IntelDH - ok
13:01:24.0328 0x07cc  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
13:01:24.0359 0x07cc  intelide - ok
13:01:24.0406 0x07cc  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:01:24.0453 0x07cc  intelppm - ok
13:01:24.0500 0x07cc  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:01:24.0547 0x07cc  IPBusEnum - ok
13:01:24.0562 0x07cc  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:01:24.0625 0x07cc  IpFilterDriver - ok
13:01:24.0687 0x07cc  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:01:24.0781 0x07cc  iphlpsvc - ok
13:01:24.0781 0x07cc  IpInIp - ok
13:01:24.0796 0x07cc  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
13:01:24.0874 0x07cc  IPMIDRV - ok
13:01:24.0921 0x07cc  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
13:01:24.0952 0x07cc  IPNAT - ok
13:01:25.0046 0x07cc  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:01:25.0155 0x07cc  iPod Service - ok
13:01:25.0186 0x07cc  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:01:25.0217 0x07cc  IRENUM - ok
13:01:25.0249 0x07cc  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:01:25.0264 0x07cc  isapnp - ok
13:01:25.0311 0x07cc  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:01:25.0342 0x07cc  iScsiPrt - ok
13:01:25.0420 0x07cc  [ 50ADB2883F8874AA6632A67CD410F27F, 1AFFA1C56ED0C50F2E4BB215426FB3727CB516C89F5A945A55662CE93CB64353 ] ISSM            C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
13:01:25.0451 0x07cc  ISSM - ok
13:01:25.0467 0x07cc  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
13:01:25.0483 0x07cc  iteatapi - ok
13:01:25.0514 0x07cc  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
13:01:25.0545 0x07cc  iteraid - ok
13:01:25.0576 0x07cc  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:01:25.0576 0x07cc  kbdclass - ok
13:01:25.0732 0x07cc  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:01:25.0795 0x07cc  kbdhid - ok
13:01:25.0873 0x07cc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
13:01:25.0982 0x07cc  KeyIso - ok
13:01:26.0060 0x07cc  [ C89E473697B67F0E3AE9211ADBD43278, DECC1CA1E0FB0CDE384F29F5FC5D234C2C923999EB98FE1F88CDCA37859116A3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:01:26.0153 0x07cc  KSecDD - ok
13:01:26.0231 0x07cc  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:01:26.0309 0x07cc  KtmRm - ok
13:01:26.0356 0x07cc  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:01:26.0434 0x07cc  LanmanServer - ok
13:01:26.0497 0x07cc  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:01:26.0590 0x07cc  LanmanWorkstation - ok
13:01:26.0653 0x07cc  [ 4127E8B6DDB4090E815C1F8852C277D3, A5BC1F65FA6D8952CDDA08320ADDF0E4394E10AE4780017C8C86AC5E68DF83F8 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
13:01:26.0684 0x07cc  lirsgt - ok
13:01:26.0699 0x07cc  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:01:26.0746 0x07cc  lltdio - ok
13:01:26.0793 0x07cc  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:01:26.0855 0x07cc  lltdsvc - ok
13:01:26.0902 0x07cc  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:01:26.0965 0x07cc  lmhosts - ok
13:01:27.0011 0x07cc  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:01:27.0043 0x07cc  LSI_FC - ok
13:01:27.0105 0x07cc  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:01:27.0136 0x07cc  LSI_SAS - ok
13:01:27.0199 0x07cc  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:01:27.0214 0x07cc  LSI_SCSI - ok
13:01:27.0261 0x07cc  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:01:27.0292 0x07cc  luafv - ok
13:01:27.0386 0x07cc  [ 9A3741D5412AB81B86992915E3ECD3E9, 2EFBD6441981698031E7999ED980D7BE16ADE1DA4C28EF16634A90C8E8241B9C ] M1 Server       C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
13:01:27.0417 0x07cc  M1 Server - ok
13:01:27.0511 0x07cc  [ 6AD27B01272F966C9611A398961FCF15, D74121D5F87CBDF5BC121665AF35BF304DBAE345EF3DB442D2791119C0603C4D ] MCLServiceATL   C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
13:01:27.0526 0x07cc  MCLServiceATL - ok
13:01:27.0573 0x07cc  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:01:27.0589 0x07cc  Mcx2Svc - ok
13:01:27.0651 0x07cc  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
13:01:27.0667 0x07cc  megasas - ok
13:01:27.0729 0x07cc  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
13:01:27.0791 0x07cc  MegaSR - ok
13:01:27.0869 0x07cc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
13:01:27.0901 0x07cc  MMCSS - ok
13:01:27.0916 0x07cc  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
13:01:27.0963 0x07cc  Modem - ok
13:01:27.0994 0x07cc  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:01:28.0041 0x07cc  monitor - ok
13:01:28.0072 0x07cc  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:01:28.0088 0x07cc  mouclass - ok
13:01:28.0150 0x07cc  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:01:28.0213 0x07cc  mouhid - ok
13:01:28.0244 0x07cc  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:01:28.0259 0x07cc  MountMgr - ok
13:01:28.0337 0x07cc  [ CB48C23769C56977EC3DE6DF0C6DBB8C, ADDD846C1AF8BEDE2370A99C46C2A0AF8348DCF6B2BD29568E0E16A36E3E079D ] MovRVDrv32      C:\Windows\system32\DRIVERS\MovRVDrv32.sys
13:01:28.0353 0x07cc  MovRVDrv32 - ok
13:01:28.0462 0x07cc  [ 9763F3C17AC8C095C4419482BD1484BA, 5E329D63ADF7ADAF615DF45F7A0C1E9528B1A5CEE50B6340CEE8584EFE285FB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:01:28.0478 0x07cc  MozillaMaintenance - ok
13:01:28.0525 0x07cc  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:01:28.0556 0x07cc  mpio - ok
13:01:28.0571 0x07cc  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:01:28.0618 0x07cc  mpsdrv - ok
13:01:28.0649 0x07cc  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:01:28.0696 0x07cc  MpsSvc - ok
13:01:28.0712 0x07cc  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:01:28.0743 0x07cc  Mraid35x - ok
13:01:28.0790 0x07cc  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:01:28.0868 0x07cc  MRxDAV - ok
13:01:28.0899 0x07cc  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:01:28.0961 0x07cc  mrxsmb - ok
13:01:28.0993 0x07cc  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:01:29.0055 0x07cc  mrxsmb10 - ok
13:01:29.0086 0x07cc  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:01:29.0149 0x07cc  mrxsmb20 - ok
13:01:29.0180 0x07cc  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:01:29.0211 0x07cc  msahci - ok
13:01:29.0227 0x07cc  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:01:29.0258 0x07cc  msdsm - ok
13:01:29.0289 0x07cc  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
13:01:29.0398 0x07cc  MSDTC - ok
13:01:29.0414 0x07cc  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:01:29.0461 0x07cc  Msfs - ok
13:01:29.0476 0x07cc  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:01:29.0507 0x07cc  msisadrv - ok
13:01:29.0554 0x07cc  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:01:29.0632 0x07cc  MSiSCSI - ok
13:01:29.0632 0x07cc  msiserver - ok
13:01:29.0710 0x07cc  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:01:29.0757 0x07cc  MSKSSRV - ok
13:01:29.0788 0x07cc  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:01:29.0835 0x07cc  MSPCLOCK - ok
13:01:29.0866 0x07cc  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:01:29.0913 0x07cc  MSPQM - ok
13:01:29.0975 0x07cc  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:01:30.0007 0x07cc  MsRPC - ok
13:01:30.0053 0x07cc  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:01:30.0085 0x07cc  mssmbios - ok
13:01:30.0100 0x07cc  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:01:30.0147 0x07cc  MSTEE - ok
13:01:30.0163 0x07cc  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:01:30.0178 0x07cc  Mup - ok
13:01:30.0209 0x07cc  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
13:01:30.0303 0x07cc  napagent - ok
13:01:30.0381 0x07cc  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:01:30.0475 0x07cc  NativeWifiP - ok
13:01:30.0537 0x07cc  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:01:30.0599 0x07cc  NDIS - ok
13:01:30.0615 0x07cc  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:01:30.0662 0x07cc  NdisTapi - ok
13:01:30.0693 0x07cc  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:01:30.0724 0x07cc  Ndisuio - ok
13:01:30.0771 0x07cc  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:01:30.0802 0x07cc  NdisWan - ok
13:01:30.0818 0x07cc  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:01:30.0849 0x07cc  NDProxy - ok
13:01:31.0114 0x07cc  [ 6D4028D458EAAA1782099750790DC8C9, 0D863A61D049235D5BBEC998185814B798674AD861DEBF0C903D28E310CE2768 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
13:01:31.0270 0x07cc  Nero BackItUp Scheduler 3 - ok
13:01:31.0348 0x07cc  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:01:31.0364 0x07cc  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:35.0435 0x07cc  Detect skipped due to KSN trusted
13:01:35.0435 0x07cc  Net Driver HPZ12 - ok
13:01:35.0513 0x07cc  [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
13:01:35.0591 0x07cc  Netaapl - ok
13:01:35.0654 0x07cc  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:01:35.0701 0x07cc  NetBIOS - ok
13:01:35.0732 0x07cc  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
13:01:35.0779 0x07cc  netbt - ok
13:01:35.0794 0x07cc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
13:01:35.0810 0x07cc  Netlogon - ok
13:01:35.0888 0x07cc  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
13:01:35.0997 0x07cc  Netman - ok
13:01:36.0340 0x07cc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0481 0x07cc  NetMsmqActivator - ok
13:01:36.0481 0x07cc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0496 0x07cc  NetPipeActivator - ok
13:01:36.0559 0x07cc  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
13:01:36.0621 0x07cc  netprofm - ok
13:01:36.0777 0x07cc  [ 9BA2F93E4F01EC58E722B36639E0CE5D, 4741CCBDABD3DB390827FA543B5397C626DA58119ACCE0663F2B60DF6B1F0394 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
13:01:36.0917 0x07cc  netr28u - ok
13:01:36.0964 0x07cc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0980 0x07cc  NetTcpActivator - ok
13:01:36.0980 0x07cc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:01:36.0995 0x07cc  NetTcpPortSharing - ok
13:01:37.0120 0x07cc  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:01:37.0136 0x07cc  nfrd960 - ok
13:01:37.0198 0x07cc  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:01:37.0292 0x07cc  NlaSvc - ok
13:01:37.0432 0x07cc  [ D36107465E716CF2335A25C54B6D11C2, B4A3415B221FC12A58F2067358CFB124D48C359363D5A1FDC784F655D73D0405 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
13:01:37.0495 0x07cc  NMIndexingService - ok
13:01:37.0619 0x07cc  [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU      C:\Program Files\CDBurnerXP\NMSAccessU.exe
13:01:37.0635 0x07cc  NMSAccessU - ok
13:01:37.0697 0x07cc  [ 5384D7A64E7B6011E98D68F69DCFC980, 3D433201702E435DDEC95BAB47A0CB393C670FC5587A3A86986772B025A0B455 ] NMSCore         C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
13:01:37.0744 0x07cc  NMSCore - ok
13:01:37.0807 0x07cc  [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] nmsunidr        C:\Windows\system32\DRIVERS\nmsunidr.sys
13:01:37.0838 0x07cc  nmsunidr - ok
13:01:37.0869 0x07cc  [ 696B37EA78F9D9767A2F18BA0304A51A, B73C145B8584FEEBF24D84444AE488B98E5917C8ED2F63EC8C0606B5FD2E9BD6 ] nmwcd           C:\Windows\system32\drivers\nmwcd.sys
13:01:37.0916 0x07cc  nmwcd - ok
13:01:38.0009 0x07cc  [ BBB6010FC01D9239D88FCDF133E03FF0, D6FDCE6FAB35E190BC3B8DB6C3B20DF9944B51254F90B3CF06C1BF6AD15FFF0B ] nmwcdc          C:\Windows\system32\drivers\nmwcdc.sys
13:01:38.0072 0x07cc  nmwcdc - ok
13:01:38.0197 0x07cc  [ 4C3726467D67483F054C88F058E9C153, 5E9A77947B353AC075F4489F49A8F4D2345048A2DB7B79FE49290F05D9773C59 ] nmwcdcj         C:\Windows\system32\drivers\nmwcdcj.sys
13:01:38.0259 0x07cc  nmwcdcj - ok
13:01:38.0321 0x07cc  [ 4C3726467D67483F054C88F058E9C153, 5E9A77947B353AC075F4489F49A8F4D2345048A2DB7B79FE49290F05D9773C59 ] nmwcdcm         C:\Windows\system32\drivers\nmwcdcm.sys
13:01:38.0353 0x07cc  nmwcdcm - ok
13:01:38.0415 0x07cc  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:01:38.0493 0x07cc  Npfs - ok
13:01:38.0524 0x07cc  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
13:01:38.0555 0x07cc  nsi - ok
13:01:38.0587 0x07cc  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:01:38.0618 0x07cc  nsiproxy - ok
13:01:38.0727 0x07cc  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:01:38.0914 0x07cc  Ntfs - ok
13:01:38.0945 0x07cc  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
13:01:39.0070 0x07cc  ntrigdigi - ok
13:01:39.0117 0x07cc  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
13:01:39.0164 0x07cc  Null - ok
13:01:39.0491 0x07cc  [ DEE64F4EBB969D809DAE699A8E092A99, 9999063B5851A5D7ABEAC6F30F91B9C8BE4C456208A5DA9E75E128F274CA1CEA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:01:40.0162 0x07cc  nvlddmkm - ok
13:01:40.0240 0x07cc  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:01:40.0256 0x07cc  nvraid - ok
13:01:40.0303 0x07cc  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:01:40.0318 0x07cc  nvstor - ok
13:01:40.0381 0x07cc  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:01:40.0412 0x07cc  nv_agp - ok
13:01:40.0412 0x07cc  NwlnkFlt - ok
13:01:40.0412 0x07cc  NwlnkFwd - ok
13:01:40.0505 0x07cc  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:01:40.0568 0x07cc  ohci1394 - ok
13:01:40.0630 0x07cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:01:40.0661 0x07cc  ose - ok
13:01:40.0739 0x07cc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
13:01:40.0927 0x07cc  p2pimsvc - ok
13:01:40.0942 0x07cc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:01:41.0005 0x07cc  p2psvc - ok
13:01:41.0036 0x07cc  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:01:41.0129 0x07cc  Parport - ok
13:01:41.0145 0x07cc  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:01:41.0176 0x07cc  partmgr - ok
13:01:41.0207 0x07cc  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
13:01:41.0285 0x07cc  Parvdm - ok
13:01:41.0317 0x07cc  PCASp50 - ok
13:01:41.0348 0x07cc  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:01:41.0410 0x07cc  PcaSvc - ok
13:01:41.0488 0x07cc  [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:01:41.0519 0x07cc  pccsmcfd - ok
13:01:41.0566 0x07cc  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
13:01:41.0597 0x07cc  pci - ok
13:01:41.0644 0x07cc  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:01:41.0675 0x07cc  pciide - ok
13:01:41.0707 0x07cc  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:01:41.0738 0x07cc  pcmcia - ok
13:01:41.0800 0x07cc  [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
13:01:41.0863 0x07cc  pcouffin - ok
13:01:41.0925 0x07cc  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:01:42.0050 0x07cc  PEAUTH - ok
13:01:42.0159 0x07cc  [ 9F2F541C52CD7A452E235E885F7D95DE, 9FFA4C13027191BE412B1F887F17427F21E75FB46A5F2D78FA65EB22D3C619FC ] Ph3xIB32        C:\Windows\system32\DRIVERS\Ph3xIB32.sys
13:01:42.0346 0x07cc  Ph3xIB32 - ok
13:01:42.0471 0x07cc  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
13:01:42.0627 0x07cc  pla - ok
13:01:42.0705 0x07cc  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:01:42.0861 0x07cc  PlugPlay - ok
13:01:42.0970 0x07cc  [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:01:43.0033 0x07cc  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:01:46.0231 0x07cc  Detect skipped due to KSN trusted
13:01:46.0231 0x07cc  Pml Driver HPZ12 - ok
13:01:46.0293 0x07cc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
13:01:46.0324 0x07cc  PNRPAutoReg - ok
13:01:46.0371 0x07cc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
13:01:46.0589 0x07cc  PNRPsvc - ok
13:01:46.0683 0x07cc  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:01:46.0792 0x07cc  PolicyAgent - ok
13:01:46.0917 0x07cc  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:01:46.0979 0x07cc  PptpMiniport - ok
13:01:47.0026 0x07cc  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
13:01:47.0073 0x07cc  Processor - ok
13:01:47.0120 0x07cc  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:01:47.0182 0x07cc  ProfSvc - ok
13:01:47.0213 0x07cc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
13:01:47.0245 0x07cc  ProtectedStorage - ok
13:01:47.0385 0x07cc  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
13:01:47.0463 0x07cc  PSched - ok
13:01:47.0541 0x07cc  [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
13:01:47.0572 0x07cc  PxHelp20 - ok
13:01:47.0650 0x07cc  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:01:47.0791 0x07cc  ql2300 - ok
13:01:47.0947 0x07cc  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:01:47.0978 0x07cc  ql40xx - ok
13:01:48.0009 0x07cc  [ 938A882B718866E24CA5F71DFC925866, CC0469F59ECD47C0201931AB94B7330FAACF1FDC87F4415BC80FAB349AFEE621 ] QualityManager  C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
13:01:48.0040 0x07cc  QualityManager - ok
13:01:48.0103 0x07cc  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
13:01:48.0181 0x07cc  QWAVE - ok
13:01:48.0243 0x07cc  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:01:48.0290 0x07cc  QWAVEdrv - ok
13:01:48.0383 0x07cc  [ EEAC7AAC7EEEDA9DE346BB2E0403F549, 06940A685D057C9D1926D39D378FD36246BF4F71B4F3BEA3AF0CC05D037B7F87 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
13:01:48.0399 0x07cc  RapiMgr - ok
13:01:48.0415 0x07cc  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:01:48.0477 0x07cc  RasAcd - ok
13:01:48.0539 0x07cc  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
13:01:48.0602 0x07cc  RasAuto - ok
13:01:48.0664 0x07cc  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:01:48.0742 0x07cc  Rasl2tp - ok
13:01:48.0820 0x07cc  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
13:01:48.0851 0x07cc  RasMan - ok
13:01:48.0945 0x07cc  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:01:48.0976 0x07cc  RasPppoe - ok
13:01:49.0023 0x07cc  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:01:49.0039 0x07cc  RasSstp - ok
13:01:49.0085 0x07cc  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:01:49.0148 0x07cc  rdbss - ok
13:01:49.0179 0x07cc  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:01:49.0226 0x07cc  RDPCDD - ok
13:01:49.0257 0x07cc  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
13:01:49.0351 0x07cc  rdpdr - ok
13:01:49.0351 0x07cc  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:01:49.0397 0x07cc  RDPENCDD - ok
13:01:49.0429 0x07cc  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:01:49.0491 0x07cc  RDPWD - ok
13:01:49.0538 0x07cc  [ A8430231E1A06828210248C79755BF9C, 001460B2795C55DBF94E3540E4C5D2081C328C5308D55EEC9D91CDD4BCC0E3E6 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
13:01:49.0553 0x07cc  Remote UI Service - ok
13:01:49.0616 0x07cc  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:01:49.0663 0x07cc  RemoteAccess - ok
13:01:49.0694 0x07cc  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:01:49.0741 0x07cc  RemoteRegistry - ok
13:01:49.0865 0x07cc  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
13:01:49.0881 0x07cc  RichVideo - ok
13:01:49.0928 0x07cc  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
13:01:49.0990 0x07cc  RpcLocator - ok
13:01:50.0084 0x07cc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
13:01:50.0146 0x07cc  RpcSs - ok
13:01:50.0209 0x07cc  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:01:50.0303 0x07cc  rspndr - ok
13:01:50.0459 0x07cc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
13:01:50.0475 0x07cc  SamSs - ok
13:01:50.0600 0x07cc  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:01:50.0615 0x07cc  sbp2port - ok
13:01:50.0756 0x07cc  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:01:50.0865 0x07cc  SBSDWSCService - ok
13:01:50.0990 0x07cc  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:01:51.0036 0x07cc  SCardSvr - ok
13:01:51.0099 0x07cc  [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule        C:\Windows\system32\schedsvc.dll
13:01:51.0239 0x07cc  Schedule - ok
13:01:51.0286 0x07cc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:01:51.0317 0x07cc  SCPolicySvc - ok
13:01:51.0473 0x07cc  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:01:51.0567 0x07cc  SDRSVC - ok
13:01:51.0598 0x07cc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:01:51.0660 0x07cc  secdrv - ok
13:01:51.0676 0x07cc  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
13:01:51.0723 0x07cc  seclogon - ok
13:01:51.0738 0x07cc  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
13:01:51.0785 0x07cc  SENS - ok
13:01:51.0816 0x07cc  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:01:51.0848 0x07cc  Serenum - ok
13:01:51.0894 0x07cc  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:01:51.0926 0x07cc  Serial - ok
13:01:51.0957 0x07cc  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:01:51.0988 0x07cc  sermouse - ok
13:01:52.0097 0x07cc  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:01:52.0160 0x07cc  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
13:01:55.0030 0x07cc  Detect skipped due to KSN trusted
13:01:55.0030 0x07cc  ServiceLayer - ok
13:01:55.0077 0x07cc  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:01:55.0124 0x07cc  SessionEnv - ok
13:01:55.0155 0x07cc  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:01:55.0186 0x07cc  sffdisk - ok
13:01:55.0217 0x07cc  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:01:55.0264 0x07cc  sffp_mmc - ok
13:01:55.0295 0x07cc  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:01:55.0373 0x07cc  sffp_sd - ok
13:01:55.0451 0x07cc  [ C33BFBD6E9E41FCD9FFEF9729E9FAED6, 490C29DC9E9FE8D5010E6DB18DE7DA808BCE84F014CFDEE0530735CBED788073 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:01:55.0545 0x07cc  sfloppy - ok
13:01:55.0592 0x07cc  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:01:55.0670 0x07cc  SharedAccess - ok
13:01:55.0732 0x07cc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:01:55.0841 0x07cc  ShellHWDetection - ok
13:01:55.0872 0x07cc  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:01:55.0904 0x07cc  sisagp - ok
13:01:55.0919 0x07cc  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:01:55.0950 0x07cc  SiSRaid2 - ok
13:01:55.0966 0x07cc  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:01:55.0997 0x07cc  SiSRaid4 - ok
13:01:56.0060 0x07cc  [ 4723512C035A3A880DB4657705466240, 1FD6712B43C12FC4EF2E1D52EE87885C9AFBD66EF9CB306B69D39D23AA2C736C ] SLEE_16_DRIVER  C:\Windows\system32\drivers\Sleen16.sys
13:01:56.0091 0x07cc  SLEE_16_DRIVER - ok
13:01:56.0294 0x07cc  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
13:01:56.0652 0x07cc  slsvc - ok
13:01:56.0699 0x07cc  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:01:56.0762 0x07cc  SLUINotify - ok
13:01:56.0777 0x07cc  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:01:56.0808 0x07cc  Smb - ok
13:01:56.0855 0x07cc  [ C88EAD1E773C444F6ABBA21D01A83408, 1673A65615C0FF1F21898AF018970A33F80120397CDED26554FCDC91F03378FA ] SndTDriverV32   C:\Windows\system32\drivers\SndTDriverV32.sys
13:01:56.0886 0x07cc  SndTDriverV32 - ok
13:01:56.0902 0x07cc  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:01:56.0933 0x07cc  SNMPTRAP - ok
13:01:56.0996 0x07cc  [ A0BFE0335DBE0D1EA371964EBC6719CE, 493248D7B9BB66CAB1FBB026BAA2CAE3E3911634B097372A1FF9C653915F573B ] SoundMovieServer C:\Windows\system32\snmvtsvc.exe
13:01:57.0027 0x07cc  SoundMovieServer - detected UnsignedFile.Multi.Generic ( 1 )
13:01:59.0897 0x07cc  Detect skipped due to KSN trusted
13:01:59.0897 0x07cc  SoundMovieServer - ok
13:01:59.0944 0x07cc  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:01:59.0960 0x07cc  spldr - ok
13:01:59.0991 0x07cc  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
13:02:00.0069 0x07cc  Spooler - ok
13:02:00.0147 0x07cc  [ D390675B8CE45E5FB359338E5E649329, D10D750EC3FEA62A202EED163F534F2B7EDB2951A4908EA07BDE75D31C1250F2 ] sptd            C:\Windows\system32\Drivers\sptd.sys
13:02:00.0147 0x07cc  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: D390675B8CE45E5FB359338E5E649329, sha256: D10D750EC3FEA62A202EED163F534F2B7EDB2951A4908EA07BDE75D31C1250F2
13:02:00.0147 0x07cc  sptd - detected LockedFile.Multi.Generic ( 1 )
13:02:03.0002 0x07cc  Detect skipped due to KSN trusted
13:02:03.0002 0x07cc  sptd - ok
13:02:03.0033 0x07cc  [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:02:03.0111 0x07cc  srv - ok
13:02:03.0142 0x07cc  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:02:03.0204 0x07cc  srv2 - ok
13:02:03.0345 0x07cc  [ BF94A7553EF257D70CB2287BF7A3BCE1, 69CDF6E564592718D032D0E4C83F8150178E32C0A84F3A87A3A87FB6B0AB3474 ] srvcPVR         C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
13:02:03.0501 0x07cc  srvcPVR - detected UnsignedFile.Multi.Generic ( 1 )
13:02:06.0293 0x07cc  Detect skipped due to KSN trusted
13:02:06.0293 0x07cc  srvcPVR - ok
13:02:06.0730 0x07cc  [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:02:06.0808 0x07cc  srvnet - ok
13:02:06.0870 0x07cc  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:02:06.0902 0x07cc  SSDPSRV - ok
13:02:06.0948 0x07cc  [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
13:02:06.0964 0x07cc  ssmdrv - ok
13:02:07.0058 0x07cc  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:02:07.0120 0x07cc  SstpSvc - ok
13:02:07.0167 0x07cc  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
13:02:07.0182 0x07cc  ss_bbus - ok
13:02:07.0245 0x07cc  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:02:07.0260 0x07cc  ss_bmdfl - ok
13:02:07.0292 0x07cc  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:02:07.0323 0x07cc  ss_bmdm - ok
13:02:07.0432 0x07cc  [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
13:02:07.0494 0x07cc  StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
13:02:10.0349 0x07cc  Detect skipped due to KSN trusted
13:02:10.0349 0x07cc  StarWindServiceAE - ok
13:02:10.0661 0x07cc  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:02:10.0770 0x07cc  StillCam - ok
13:02:10.0880 0x07cc  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
13:02:11.0020 0x07cc  stisvc - ok
13:02:11.0067 0x07cc  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:02:11.0082 0x07cc  swenum - ok
13:02:11.0223 0x07cc  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
13:02:11.0363 0x07cc  swprv - ok
13:02:11.0379 0x07cc  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:02:11.0410 0x07cc  Symc8xx - ok
13:02:11.0426 0x07cc  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:02:11.0457 0x07cc  Sym_hi - ok
13:02:11.0488 0x07cc  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:02:11.0519 0x07cc  Sym_u3 - ok
13:02:11.0582 0x07cc  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
13:02:11.0722 0x07cc  SysMain - ok
13:02:11.0738 0x07cc  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:02:11.0769 0x07cc  TabletInputService - ok
13:02:11.0816 0x07cc  [ FC73B46C3C76C9F1F7EC82749C0C48F3, 983DA78F429C424A21F3B985DE90F46585802EE1726109600AEC8A8B2DEA02A5 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:02:11.0925 0x07cc  tap0901 - ok
13:02:11.0987 0x07cc  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:02:12.0096 0x07cc  TapiSrv - ok
13:02:12.0159 0x07cc  [ 5D8C820E2D885C25FFC6BBC5D4FE073C, 1C2DB18B0727C816BED424AED629B07C2E94B121157528709A1386FF1AA8BC25 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
13:02:12.0174 0x07cc  tbhsd - ok
13:02:12.0190 0x07cc  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
13:02:12.0237 0x07cc  TBS - ok
13:02:12.0611 0x07cc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:02:12.0720 0x07cc  Tcpip - ok
13:02:12.0752 0x07cc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:02:12.0798 0x07cc  Tcpip6 - ok
13:02:12.0845 0x07cc  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:02:12.0923 0x07cc  tcpipreg - ok
13:02:12.0939 0x07cc  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:02:13.0001 0x07cc  TDPIPE - ok
13:02:13.0017 0x07cc  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:02:13.0064 0x07cc  TDTCP - ok
13:02:13.0126 0x07cc  [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:02:13.0188 0x07cc  tdx - ok
13:02:13.0220 0x07cc  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:02:13.0235 0x07cc  TermDD - ok
13:02:13.0313 0x07cc  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
13:02:13.0438 0x07cc  TermService - ok
13:02:13.0485 0x07cc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
13:02:13.0500 0x07cc  Themes - ok
13:02:13.0516 0x07cc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
13:02:13.0547 0x07cc  THREADORDER - ok
13:02:13.0594 0x07cc  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
13:02:13.0625 0x07cc  TrkWks - ok
13:02:13.0688 0x07cc  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:02:13.0719 0x07cc  TrustedInstaller - ok
13:02:13.0766 0x07cc  [ B56368B25A51CEBDA77E6B20764F07F2, 29E09EEA0714278F9AB7BAE508994B9A0563FEE984A4B7423AE71B7FF577A406 ] TSHWMDTCP       C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
13:02:13.0781 0x07cc  TSHWMDTCP - ok
13:02:13.0859 0x07cc  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:02:13.0906 0x07cc  tssecsrv - ok
13:02:13.0968 0x07cc  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:02:14.0015 0x07cc  tunmp - ok
13:02:14.0124 0x07cc  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:02:14.0156 0x07cc  tunnel - ok
13:02:14.0296 0x07cc  [ DEC8ACEBD9CD1F3DD6F4F3A6308D8B94, 222B6E8E6D014D6640D3A70F4D2FE1DF6D12B2DDA916B20D986AA7C500CB9DF9 ] TVECapSvc       C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
13:02:14.0358 0x07cc  TVECapSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:02:17.0556 0x07cc  Detect skipped due to KSN trusted
13:02:17.0556 0x07cc  TVECapSvc - ok
13:02:17.0588 0x07cc  [ 7A5A6987397F78B1606BDB5C407D3574, ABE717BE2EE0431819D48CC320AD85E97D7C009A8A094F7B5FB8A7B909E47844 ] TVESched        C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
13:02:17.0603 0x07cc  TVESched - detected UnsignedFile.Multi.Generic ( 1 )
13:02:20.0489 0x07cc  Detect skipped due to KSN trusted
13:02:20.0489 0x07cc  TVESched - ok
13:02:20.0520 0x07cc  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:02:20.0536 0x07cc  uagp35 - ok
13:02:20.0598 0x07cc  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:02:20.0661 0x07cc  udfs - ok
13:02:20.0739 0x07cc  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:02:20.0786 0x07cc  UI0Detect - ok
13:02:20.0848 0x07cc  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:02:20.0864 0x07cc  uliagpkx - ok
13:02:21.0051 0x07cc  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:02:21.0176 0x07cc  uliahci - ok
13:02:21.0207 0x07cc  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:02:21.0238 0x07cc  UlSata - ok
13:02:21.0269 0x07cc  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:02:21.0300 0x07cc  ulsata2 - ok
13:02:21.0332 0x07cc  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:02:21.0378 0x07cc  umbus - ok
13:02:21.0456 0x07cc  [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UMPass          C:\Windows\system32\DRIVERS\umpass.sys
13:02:21.0488 0x07cc  UMPass - ok
13:02:21.0597 0x07cc  [ 4847639D852763EE39415C929470F672, 75CF9471BA3EA54E5BE66CD7612DA134B3370D7C3FBA8B2682093C03A0AD87B5 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
13:02:21.0644 0x07cc  UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
13:02:24.0483 0x07cc  Detect skipped due to KSN trusted
13:02:24.0483 0x07cc  UnlockerDriver5 - ok
13:02:24.0576 0x07cc  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
13:02:24.0654 0x07cc  upnphost - ok
13:02:24.0654 0x07cc  upperdev - ok
13:02:24.0779 0x07cc  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:02:24.0842 0x07cc  USBAAPL - ok
13:02:24.0904 0x07cc  [ 32DB9517628FF0D070682AAB61E688F0, F9EF8D0D55DABF00E79B0EFE689C6662430B59093A6C7EACB2069DC70B1FDCC5 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:02:24.0935 0x07cc  usbaudio - ok
13:02:24.0982 0x07cc  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:02:25.0044 0x07cc  usbccgp - ok
13:02:25.0122 0x07cc  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:02:25.0232 0x07cc  usbcir - ok
13:02:25.0294 0x07cc  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:02:25.0310 0x07cc  usbehci - ok
13:02:25.0388 0x07cc  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:02:25.0403 0x07cc  usbhub - ok
13:02:25.0528 0x07cc  [ BDAA43CABB4C2BF03F25A550F13D1D5A, 7D1FD53C8566C96C9B67C1622887601A30A3105554B1E3FB056B54E1792F4F74 ] USBMULCD        C:\Windows\system32\drivers\CM106.sys
13:02:25.0731 0x07cc  USBMULCD - ok
13:02:25.0746 0x07cc  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:02:25.0824 0x07cc  usbohci - ok
13:02:25.0887 0x07cc  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:02:25.0934 0x07cc  usbprint - ok
13:02:25.0996 0x07cc  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:02:26.0058 0x07cc  usbscan - ok
13:02:26.0090 0x07cc  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:02:26.0121 0x07cc  USBSTOR - ok
13:02:26.0136 0x07cc  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:02:26.0168 0x07cc  usbuhci - ok
13:02:26.0214 0x07cc  [ 228F444F9AF0D3B9ECA9FC3F4FEB12F2, D29C9A0ED5602BCD529A0D7F538DFA8771B1CAC6F433AA686C3A4917DC596369 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
13:02:26.0261 0x07cc  usb_rndisx - ok
13:02:26.0308 0x07cc  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
13:02:26.0324 0x07cc  UxSms - ok
13:02:26.0370 0x07cc  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
13:02:26.0448 0x07cc  vds - ok
13:02:26.0464 0x07cc  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:02:26.0511 0x07cc  vga - ok
13:02:26.0526 0x07cc  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:02:26.0573 0x07cc  VgaSave - ok
13:02:26.0604 0x07cc  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:02:26.0636 0x07cc  viaagp - ok
13:02:26.0682 0x07cc  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:02:26.0729 0x07cc  ViaC7 - ok
13:02:26.0745 0x07cc  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
13:02:26.0776 0x07cc  viaide - ok
13:02:26.0823 0x07cc  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:02:26.0838 0x07cc  volmgr - ok
13:02:26.0916 0x07cc  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:02:26.0963 0x07cc  volmgrx - ok
13:02:27.0057 0x07cc  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:02:27.0088 0x07cc  volsnap - ok
13:02:27.0135 0x07cc  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:02:27.0182 0x07cc  vsmraid - ok
13:02:27.0291 0x07cc  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
13:02:27.0509 0x07cc  VSS - ok
13:02:27.0603 0x07cc  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
13:02:27.0681 0x07cc  W32Time - ok
13:02:27.0712 0x07cc  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:02:27.0774 0x07cc  WacomPen - ok
13:02:27.0806 0x07cc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:02:27.0852 0x07cc  Wanarp - ok
13:02:27.0852 0x07cc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:02:27.0884 0x07cc  Wanarpv6 - ok
13:02:27.0930 0x07cc  [ 3F2B5D989666786E57BB0D8D35B84052, CA110107B2D4EEB61F329D4D7B2C38A4847EBF99C4C69AFD813F42E55A8F6C6C ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
13:02:27.0993 0x07cc  WcesComm - ok
13:02:28.0055 0x07cc  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:02:28.0164 0x07cc  wcncsvc - ok
13:02:28.0227 0x07cc  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:02:28.0258 0x07cc  WcsPlugInService - ok
13:02:28.0383 0x07cc  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
13:02:28.0414 0x07cc  Wd - ok
13:02:28.0476 0x07cc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:02:28.0554 0x07cc  Wdf01000 - ok
13:02:28.0601 0x07cc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:02:28.0664 0x07cc  WdiServiceHost - ok
13:02:28.0664 0x07cc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:02:28.0710 0x07cc  WdiSystemHost - ok
13:02:28.0929 0x07cc  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient       C:\Windows\System32\webclnt.dll
13:02:29.0007 0x07cc  WebClient - ok
13:02:29.0038 0x07cc  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:02:29.0132 0x07cc  Wecsvc - ok
13:02:29.0163 0x07cc  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:02:29.0241 0x07cc  wercplsupport - ok
13:02:29.0272 0x07cc  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:02:29.0288 0x07cc  WerSvc - ok
13:02:29.0350 0x07cc  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:02:29.0381 0x07cc  WinDefend - ok
13:02:29.0381 0x07cc  WinHttpAutoProxySvc - ok
13:02:29.0553 0x07cc  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:02:29.0600 0x07cc  Winmgmt - ok
13:02:29.0662 0x07cc  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:02:29.0865 0x07cc  WinRM - ok
13:02:29.0912 0x07cc  [ 676F4B665BDD8053EAA53AC1695B8074, 98521FCB6B6B33DD8BF38A703745053481681C7981DFE5A59116D6BDE187D6F6 ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
13:02:29.0958 0x07cc  winusb - ok
13:02:30.0005 0x07cc  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:02:30.0161 0x07cc  Wlansvc - ok
13:02:30.0302 0x07cc  [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:02:30.0426 0x07cc  wlidsvc - ok
13:02:30.0473 0x07cc  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:02:30.0536 0x07cc  WmiAcpi - ok
13:02:30.0645 0x07cc  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:02:30.0692 0x07cc  wmiApSrv - ok
13:02:30.0785 0x07cc  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:02:30.0926 0x07cc  WMPNetworkSvc - ok
13:02:31.0019 0x07cc  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:02:31.0128 0x07cc  WPCSvc - ok
13:02:31.0191 0x07cc  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:02:31.0253 0x07cc  WPDBusEnum - ok
13:02:31.0316 0x07cc  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:02:31.0378 0x07cc  WpdUsb - ok
13:02:31.0721 0x07cc  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:02:31.0862 0x07cc  WPFFontCache_v0400 - ok
13:02:31.0924 0x07cc  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:02:31.0971 0x07cc  ws2ifsl - ok
13:02:32.0096 0x07cc  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:02:32.0158 0x07cc  wscsvc - ok
13:02:32.0158 0x07cc  WSearch - ok
13:02:32.0283 0x07cc  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:02:32.0548 0x07cc  wuauserv - ok
13:02:32.0626 0x07cc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:02:32.0704 0x07cc  WudfPf - ok
13:02:32.0798 0x07cc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:02:32.0844 0x07cc  WUDFRd - ok
13:02:32.0860 0x07cc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:02:32.0907 0x07cc  wudfsvc - ok
13:02:32.0969 0x07cc  [ AB2D77BF7222B007717ABB61B15F9AE2, 9495D99385C91115583F6CD0E26B39D4F04FB3472EA53ADE51DA03043468A896 ] X10Hid          C:\Windows\system32\Drivers\x10hid.sys
13:02:32.0985 0x07cc  X10Hid - ok
13:02:33.0047 0x07cc  [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
13:02:33.0047 0x07cc  x10nets - detected UnsignedFile.Multi.Generic ( 1 )
13:02:35.0964 0x07cc  Detect skipped due to KSN trusted
13:02:35.0964 0x07cc  x10nets - ok
13:02:36.0042 0x07cc  [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B, 2F667F6170F120F038122A6567C59836D5EC0FC966244DECDF974E0D25509C72 ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
13:02:36.0058 0x07cc  XUIF - ok
13:02:36.0167 0x07cc  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:02:36.0245 0x07cc  YahooAUService - ok
13:02:36.0308 0x07cc  ================ Scan global ===============================
13:02:36.0339 0x07cc  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
13:02:36.0370 0x07cc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:02:36.0417 0x07cc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:02:36.0510 0x07cc  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
13:02:36.0588 0x07cc  [ Global ] - ok
13:02:36.0588 0x07cc  ================ Scan MBR ==================================
13:02:36.0635 0x07cc  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
13:02:39.0927 0x07cc  \Device\Harddisk0\DR0 - ok
13:02:39.0927 0x07cc  ================ Scan VBR ==================================
13:02:39.0942 0x07cc  [ 05CA5B56D43E26DD118003F58BFC862F ] \Device\Harddisk0\DR0\Partition1
13:02:39.0974 0x07cc  \Device\Harddisk0\DR0\Partition1 - ok
13:02:40.0052 0x07cc  [ 31F51494F70A39A435A249B0812FE7F0 ] \Device\Harddisk0\DR0\Partition2
13:02:40.0052 0x07cc  \Device\Harddisk0\DR0\Partition2 - ok
13:02:40.0052 0x07cc  ================ Scan generic autorun ======================
13:02:40.0145 0x07cc  [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:02:40.0161 0x07cc  YSearchProtection - ok
13:02:40.0239 0x07cc  [ D96CDA05732F68C5FDB3C547C939C98A, 2DEED829B5FB379813579E79D5E316015D99E28F6C1228CC3E5AA3E7D3B6169A ] C:\Windows\WindowsMobile\wmdc.exe
13:02:40.0364 0x07cc  Windows Mobile-based device management - ok
13:02:40.0457 0x07cc  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
13:02:40.0660 0x07cc  Windows Defender - ok
13:02:40.0769 0x07cc  [ AAD52179D4A526AD4A705B87C6E4F72A, 0015F316DD2E73D5D2434DAC7CAB47050B21BF8CAE23482302A0E1982EF8A3BD ] C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe
13:02:40.0832 0x07cc  UpdatePPShortCut - ok
13:02:40.0847 0x07cc  [ 777122001931D8C1375EAFE63E1E49D4, 0C2B6812F839B12E75D03FC9D0078DD3CAF5B5754D8B7B55247D2EFDF22CD314 ] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
13:02:40.0878 0x07cc  TVEService - detected UnsignedFile.Multi.Generic ( 1 )
13:02:43.0733 0x07cc  Detect skipped due to KSN trusted
13:02:43.0733 0x07cc  TVEService - ok
13:02:43.0796 0x07cc  [ 5DC38F4967408D27AF8CDC5F4C8BC9C4, C369B5FB0614B8BD08CA3F4A947CF87DE6DA2FC8D22255A72F520D555026C685 ] C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe
13:02:43.0842 0x07cc  TVBroadcast - detected UnsignedFile.Multi.Generic ( 1 )
13:02:46.0962 0x07cc  Detect skipped due to KSN trusted
13:02:46.0962 0x07cc  TVBroadcast - ok
13:02:47.0072 0x07cc  [ ED84CE5E33F3D60F1619805103B264E4, D81AA689C97AFDD510E93BD126C70F2146159CA3AF45DAD4D9B9A7DF8D18816E ] C:\Program Files\GoogleEULA\EULALauncher.exe
13:02:47.0150 0x07cc  toolbar_eula_launcher - detected UnsignedFile.Multi.Generic ( 1 )
13:02:49.0989 0x07cc  Detect skipped due to KSN trusted
13:02:49.0989 0x07cc  toolbar_eula_launcher - ok
13:02:50.0067 0x07cc  [ 70F5699709AB92E4D846A401AC90B827, AABDA97C8DC12A2AD6E7038FD715FFC6B1C6EF59541472DA06E70D382855DA07 ] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
13:02:50.0067 0x07cc  RemoteControl - ok
13:02:50.0067 0x07cc  NvSvc - ok
13:02:50.0082 0x07cc  NvMediaCenter - ok
13:02:50.0082 0x07cc  NvCplDaemon - ok
13:02:50.0410 0x07cc  [ D83EB2B71ECE7D606225F8EA1F3A68A2, F8FFD0F406FA1F5F836D25DEEA02DC9EA915839FB7F4757D08F31F19B3E99922 ] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
13:02:50.0753 0x07cc  NSLauncher - detected UnsignedFile.Multi.Generic ( 1 )
13:02:53.0967 0x07cc  Detect skipped due to KSN trusted
13:02:53.0967 0x07cc  NSLauncher - ok
13:02:54.0045 0x07cc  [ FEC7A0C94B73E46AFEEEEDF53548AAEA, F36F9EC8BE4E7FA8B0DDE701E1361884141BB77925382ECA56D2AFDEDD5E61E3 ] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
13:02:54.0060 0x07cc  NMSSupport - ok
13:02:54.0170 0x07cc  [ 8112D0DACAE746290FC87B3A980FA719, 43CA8CED6AB58EDD97AD476C791D49C7ECD40EB8DA627E8412C0A27699A58F01 ] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
13:02:54.0248 0x07cc  NeroFilterCheck - ok
13:02:54.0294 0x07cc  [ DEFA4CE02AFF4C3BEFD4B764C73A7362, 719099A4BC6FD87D69EA873792CE67DFB3CC04D3DA8A387D4483FEB1D5086990 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
13:02:54.0310 0x07cc  IAAnotif - ok
13:02:54.0544 0x07cc  [ 2184D55F4A9D8C2CC60EEBAC11AD7062, 7465D01F49A3A7DC2BB90E44CA87AC251FD8BF6FF138C9C805973BC64B78C3DE ] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:02:54.0606 0x07cc  Google Desktop Search - detected UnsignedFile.Multi.Generic ( 1 )
13:02:57.0571 0x07cc  Detect skipped due to KSN trusted
13:02:57.0571 0x07cc  Google Desktop Search - ok
13:02:57.0618 0x07cc  [ D3E15273940EB78870146BF7592666D3, DFFAE151BF045BD24D6C624D0F8BAB13ACC873FE7F3B46CBE646C887AD6DC255 ] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
13:02:57.0634 0x07cc  CCUTRAYICON - ok
13:02:57.0681 0x07cc  [ 3C59CB80D1849128C14FF2B3245419BE, E9670D00AD3F090093DF6150097EC51D03099B6078957B1F98A36EB56E62B3DE ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
13:02:57.0712 0x07cc  AppleSyncNotifier - ok
13:02:57.0774 0x07cc  [ 5B6A63D976E58A785605D889F8ABCD5C, 8EC34F0AEA59EADB29A572BB6B9CD36164B629E9DA8B36D83D7BA7CF88CD2A8F ] C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
13:02:57.0774 0x07cc  SAFEOEM HotKeys - detected UnsignedFile.Multi.Generic ( 1 )
13:03:00.0769 0x07cc  Detect skipped due to KSN trusted
13:03:00.0769 0x07cc  SAFEOEM HotKeys - ok
13:03:01.0191 0x07cc  [ E2724029D3648C2EB226D16678727FA9, F779BC636AA7DF0C303D20BF9450B75EEBFDBB53D1414DF0E7B26C42A17C0581 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
13:03:01.0206 0x07cc  TkBellExe - ok
13:03:01.0331 0x07cc  [ 36143067E041A98083FB204DAC49293C, A1E4A46E3A4B904FAC363C285EBF8D5D9838F12A83078DAF6D599E67434E816F ] C:\Program Files\dcmsvc\dcmsvc.exe
13:03:01.0393 0x07cc  dcmsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:03:04.0279 0x07cc  Detect skipped due to KSN trusted
13:03:04.0279 0x07cc  dcmsvc - ok
13:03:04.0279 0x07cc  Cm106Sound - ok
13:03:04.0716 0x07cc  [ 4D83DC461F8F4370274CF6E9AC9A34F4, E84F573534C0AC02C9D3329A09F31E594A782FE9BEFB69DFA337D5505135D694 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
13:03:04.0747 0x07cc  HP Software Update - ok
13:03:04.0981 0x07cc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0184 0x07cc  Sidebar - ok
13:03:05.0200 0x07cc  WindowsWelcomeCenter - ok
13:03:05.0262 0x07cc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0356 0x07cc  Sidebar - ok
13:03:05.0371 0x07cc  WindowsWelcomeCenter - ok
13:03:05.0403 0x07cc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:03:05.0496 0x07cc  Sidebar - ok
13:03:05.0496 0x07cc  WindowsWelcomeCenter - ok
13:03:05.0590 0x07cc  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
13:03:05.0621 0x07cc  ehTray.exe - ok
13:03:05.0699 0x07cc  [ 6105A469CEEA62D6BF5B08E854C306EC, 830561AF4E24285C4D684E69A96DEB34230D046A499F3DF8396D3842EB33BE26 ] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
13:03:05.0730 0x07cc  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
13:03:05.0793 0x07cc  [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:05.0808 0x07cc  YSearchProtection - ok
13:03:05.0886 0x07cc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
13:03:05.0902 0x07cc  swg - ok
13:03:05.0917 0x07cc  [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:05.0933 0x07cc  Search Protection - ok
13:03:06.0027 0x07cc  [ BB025F5C1E3F35DFC05EC66CBFEEAEBE, EFAEBFFC978BDD43486EE74D8A35E97578BAF630838FA20475C873094C3B4FF4 ] C:\Program Files\phonostar-Player\phonostarTimer.exe
13:03:06.0027 0x07cc  phonostarTimer - detected UnsignedFile.Multi.Generic ( 1 )
13:03:08.0928 0x07cc  Detect skipped due to KSN trusted
13:03:08.0928 0x07cc  phonostarTimer - ok
13:03:09.0537 0x07cc  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
13:03:09.0552 0x07cc  swg - ok
13:03:09.0646 0x07cc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
13:03:09.0708 0x07cc  Sidebar - ok
13:03:09.0771 0x07cc  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
13:03:09.0786 0x07cc  ehTray.exe - ok
13:03:09.0833 0x07cc  [ 6105A469CEEA62D6BF5B08E854C306EC, 830561AF4E24285C4D684E69A96DEB34230D046A499F3DF8396D3842EB33BE26 ] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
13:03:09.0864 0x07cc  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
13:03:09.0895 0x07cc  [ 70189D91A5347F5E34039D06C7E58419, 82313ED72199FD14E0694917102B25F4BBECE996025D2656237912CEE4E88740 ] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
13:03:09.0911 0x07cc  YSearchProtection - ok
13:03:09.0927 0x07cc  [ BB025F5C1E3F35DFC05EC66CBFEEAEBE, EFAEBFFC978BDD43486EE74D8A35E97578BAF630838FA20475C873094C3B4FF4 ] C:\Program Files\phonostar-Player\phonostarTimer.exe
13:03:09.0927 0x07cc  phonostarTimer - detected UnsignedFile.Multi.Generic ( 1 )
13:03:09.0927 0x07cc  Detect skipped due to KSN trusted
13:03:09.0927 0x07cc  phonostarTimer - ok
13:03:10.0816 0x07cc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
13:03:10.0847 0x07cc  Google Update - ok
13:03:10.0878 0x07cc  {0D60629E-6757-4B1A-1A32-7835EEAA2F15} - ok
13:03:11.0081 0x07cc  [ 896A1DB9A972AD2339C2E8569EC926D1, EDB395CA46F79BC6668427DF05DCD163F2BC874DDBB6484D0A30448F6C9D08E2 ] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
13:03:11.0284 0x07cc  SpybotSD TeaTimer - ok
13:03:11.0409 0x07cc  [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
13:03:11.0502 0x07cc  AutoStartNPSAgent - ok
13:03:11.0892 0x07cc  [ 5C35525CEBE7B59FAFA05D5E98D7EDEF, 456BDD801C621B6DE4B2862F846145C6143B19B45BD6459DD29B045879E76562 ] C:\Program Files\CCleaner\CCleaner.exe
13:03:12.0282 0x07cc  CCleaner Monitoring - ok
13:03:12.0298 0x07cc  Adobe Speed Launcher - ok
13:03:12.0298 0x07cc  Waiting for KSN requests completion. In queue: 3
13:03:13.0312 0x07cc  Waiting for KSN requests completion. In queue: 3
13:03:14.0326 0x07cc  Waiting for KSN requests completion. In queue: 3
13:03:15.0340 0x07cc  Waiting for KSN requests completion. In queue: 3
13:03:16.0463 0x07cc  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
13:03:16.0557 0x07cc  Win FW state via NFP2: enabled ( trusted )
13:03:19.0630 0x07cc  ============================================================
13:03:19.0630 0x07cc  Scan finished
13:03:19.0630 0x07cc  ============================================================
13:03:19.0630 0x1218  Detected object count: 0
13:03:19.0630 0x1218  Actual detected object count: 0
         

Alt 30.12.2015, 18:46   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



Schritt 1

Bitte deinstalliere folgende Programme:

Ask Toolbar
Ask Toolbar Updater


Versuche es bei Windows Vista zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 4



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 30.12.2015, 23:15   #6
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

Logdateien



Hallo Jürgen, ich habe alles so wie du es beschrieben hast ausgeführt und poste jetzt das Resultat. Gruß Niko
Code:
ATTFilter
# AdwCleaner v5.026 - Bericht erstellt am 30/12/2015 um 20:22:29
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Nikos - NIKOS-PC
# Gestartet von : C:\Users\Nikos\Desktop\AdwCleaner_5.026.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : APNMCP
[-] Dienst Gelöscht : YahooAUService

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Premium
[-] Ordner Gelöscht : C:\Program Files\Ask.com
[-] Ordner Gelöscht : C:\Program Files\AskPartnerNetwork
[-] Ordner Gelöscht : C:\Program Files\Conduit
[-] Ordner Gelöscht : C:\Program Files\Free Video Converter
[-] Ordner Gelöscht : C:\Program Files\FileConverter_1.3
[-] Ordner Gelöscht : C:\Program Files\Free FLV Converter
[-] Ordner Gelöscht : C:\Program Files\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Program Files\a2zLyrics-1
[-] Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[-] Ordner Gelöscht : C:\Program Files\Common Files\Tobit
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
[-] Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
[-] Ordner Gelöscht : C:\ProgramData\AE53F947A4C978AC0000AE534AF97DD0
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\eSupport.com
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\Temp\apn
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Local\Temp\OCS
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\Conduit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\LocalLow\FileConverter_1.3
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Desktopicon
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\QuickStoresToolbar
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Tobit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\download Manager
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Conduit
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\ConduitCommon
[-] Ordner Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[-] Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
[-] Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\webssearches.xml
[-] Datei Gelöscht : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js
[-] Datei Gelöscht : C:\Users\Nikos\Downloads\Documents\eBay.lnk

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : Scheduled Update for Ask Toolbar

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3241949
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Ask.com
[-] Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuickStores-Toolbar_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free FLV Converter_is1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuickStores-Toolbar_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free FLV Converter_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15003506-EE97-481D-85CA-0AE23947A486}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F57C662B-F287-47DE-900D-3502FF7E098A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Internetbrowser ] *****

[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..clientLogIsEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AllowNonPrivacy", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.AppTrackingLastCheckTime", "Tue Mar 29 2011 09:16:26 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_129995099749948850", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_1366729289000", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_1367225781000", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.BrowserCompStateIsOpen_758950620983444994", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CT1576177.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT1576177&octid=CT1576177&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CTID", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CTPBaseServerUrl", "hxxp://services.conduit.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CommunityChanged", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ConfigurationLastCheckTime", "Tue Sep 10 2013 22:30:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.CurrentServerDate", "10-9-2013");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DialogsAlignMode", "LTR");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DialogsGetterLastCheckTime", "Wed Sep 04 2013 20:20:31 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.DownloadReferralCookieData", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedLastCount128508549850888256", 648);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836143", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836169", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate12836350", "Thu Jan 05 2012 01:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128508548073075583", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128509399572900867", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346481669642", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346607919643", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346740887833", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520346908231605", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520347046512856", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128520347157919107", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128559567960307092", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649541022275416", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649541978837520", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649542595712988", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649543096806600", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649544518056351", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649545412118848", "Thu Jan 05 2012 00:05:53 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649545904306583", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649546330556825", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649550407275424", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649552058993934", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedPollDate128649558703994539", "Thu Jan 05 2012 00:05:54 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128508548073075583", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128509399572900867", 10);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649541022275416", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649542595712988", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649543096806600", 5);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FeedTTL128649546330556825", 30);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstServerDate", "26-5-2010");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTime", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTimeFF3", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.FirstTimeSettingsDone", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.GroupingServerCheckInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HasUserGlobalKeys", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HomePageProtectorEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.HomepageBeforeUnload", "hxxp://www.yahoo.com/");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Initialize", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InitializeCommonPrefs", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InstallationAndCookieDataSentCount", 3);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InstalledDate", "Wed May 26 2010 12:37:15 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.InvalidateCache", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsAlertDBUpdated", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsGrouping", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.IsMulticommunity", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackReloadInterval", "24");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackReloadIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin", "Wed Sep 10 2008 22:22:02 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_2.5.6.0", "Sat Aug 21 2010 22:59:54 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_2.7.2.0", "Wed Mar 23 2011 10:57:20 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.12.2.3", "Mon May 21 2012 11:34:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.13.0.6", "Thu Aug 02 2012 00:22:46 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.14.1.0", "Wed Aug 29 2012 16:24:48 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.15.1.0", "Wed Nov 07 2012 09:38:48 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.16.0.3", "Sun Feb 10 2013 19:07:18 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.18.0.7", "Wed Jul 31 2013 20:20:39 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.19.0.3", "Sun Sep 08 2013 20:35:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.20.0.4", "Tue Sep 10 2013 21:27:08 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.3.2.1", "Wed Mar 23 2011 19:37:00 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.3.3.2", "Tue Mar 29 2011 19:07:24 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LastLogin_3.8.1.0", "Thu Jan 05 2012 00:05:51 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LatestVersion", "3.20.0.4");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Locale", "en-us");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.LoginCache", 4);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipHeight", "83");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MCDetectTooltipWidth", "295");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.MyStuffEnabledAtInstallation", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioIsPodcast", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastCheckTime", "Thu Jan 05 2012 00:05:52 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastUpdateIPServer", "3");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioLastUpdateServer", "129012499909130000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMediaID", "12836178");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMediaType", "Media Player");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioMenuSelectedID", "EBRadioMenu_CT1576177_RECENT12836178");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioShrinked", "expanded");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioStationName", "LATINO%20FM%2099.5%20FM%20EN%20");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioStationURL", "hxxp://92.48.107.35:8000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.RadioVolume", "100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SHRINK_TOOLBAR", 1);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchAPILastCheckTime", "Tue Sep 10 2013 22:30:35 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchEngine", "Searchhxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1576177&octid=EB_ORIGINAL_CTID&SearchSource=1");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchEngineBeforeUnload", "Google");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchFromAddressBarIsInit", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 19:56:01 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT1576177&octid=CT1576177&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchProtectorEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SearchProtectorToolbarDisabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.Server", "hxxp://users.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ServiceMapLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsCheckIntervalMin", 120);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsLastCheckTime", "Tue Sep 10 2013 23:07:26 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.SettingsLastUpdate", "1378814414");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsInterval", 504);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsLastCheck", "Thu Jan 05 2012 00:05:50 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ThirdPartyComponentsLastUpdate", "1312887586");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ToolbarAlignMode", "SYSTEM");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ToolbarName", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.UserID", "UN20080910222201619");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ValidationData_Search", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.ValidationData_Toolbar", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.VusualLastUpdateTime", "1220482279");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.alertChannelId", "17096");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.backendstorage.ytapp_dailyactivity", "31333031343038323636303133");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.backendstorage.ytapp_lifetimesent", "54525545");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.clientLogIsEnabled", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.countryCode", "DE");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.globalFirstTimeInfoLastCheckTime", "Thu Jan 05 2012 00:05:59 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.homepageProtectorEnableByLogin", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.initDone", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.isAppTrackingManagerOn", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffPublihserMinWidth", 400);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffServiceIntervalMM", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.oldAppsList", "128499901691512797,128526810339013103,111,129132563179527150,1000082,129012429519069342,129000154842475804,129001851961462505,128823022784200226,129217881225944372,[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.revertSettingsEnabled", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.searchProtectorDialogDelayInSec", 10);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.searchProtectorEnableByLogin", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.testingCtid", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.toolbarAppMetaDataLastCheckTime", "Tue Sep 10 2013 20:54:40 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.toolbarContextMenuLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CT1576177.usagesFlag", 2);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1576177/CT1576177", "\"568ffad0ef2ac873207bda2c8cdd2bef3\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/17096/16748/DE", "\"0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1576177", "\"1367226862\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"2a1a0d7b586ce1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"80ee9485875dcc1:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1576177", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1576177/CT1576177", "\"1321973063\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/equalizer_dead.gif", "\"03e383867bc91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/minimize.gif", "\"0e685fa27bc91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/play.gif", "\"02faea337c7c91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/stop.gif", "\"03a54d7f47ac91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/vol.gif", "\"049b47644c7c91:0\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"e6cb2dbb148781178bcd9e41415ce096\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"9220c1862b1d15f7fafbc60936de2b8d\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwner", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{ad55c869-668e-457c-b270-0cfb2f61116f}");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nikos\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\faoen3cu.default\\conduitCommon\\modules\\3.8.1.0");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ad55c869-668e-457c-b270-0cfb2f61116f}");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "livetvbar");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT1576177");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 21:20:56 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 16:47:57 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 20 2011 16:47:49 GMT+0200");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.alert.userId", "1185c161-d0ad-452a-8980-1b6c2af67694");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.globalUserId", "e400709b-eb0c-47f7-be51-596f5ebcd5fe");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.killedEngine", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jan 05 2012 00:05:58 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jan 05 2012 01:06:07 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jan 05 2012 00:05:51 GMT+0100");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.notifications.userId", "6543a03e-0f4f-4309-8fb4-79ec3b454c2b");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("CommunityToolbar.undefined", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1449341833294,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.first_launch_url", "\"hxxp://search.avira.com/launch/6.html?locale={locale}\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.homepage", "\"hxxp://avira.search.ask.com/\"");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.newTabSearchURL", "\"hxxp://www.search.ask.com/web?o=&p2=&tpid=AVIRA-V7&gct=tab&apn_uid=&apn_ptnrs=&apn_dtid=&apn_dbr=&itbv=&doi=&trgb=&tbv=&crxv=&pf=&pt=&psv=&q=%7Bquer[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.AVIRA-V7.searchURL", "\"hxxp://www.search.ask.com/web?o=&p2=&tpid=AVIRA-V7&gct=bar&apn_uid=&apn_ptnrs=&apn_dtid=&apn_dbr=&itbv=&doi=&trgb=&tbv=&crxv=&pf=&pt=&psv=&q=%7Bquery%7D\"[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3,anycolor.pavlos256@gmail.com:0.3.3,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4,fastdial@telega.phpnet.us:3.4,{3112ca[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.engine@conduit.com.install-event-fired", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"35\": {\"id\": \"35\",\"title\": \"ConnectBar\",\"type\": \"XPI\",\"url\": \"hxxp://connectbar.net/connectbar.xpi?userid=7\",\"[...]
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quickstores@quickstores.de.install-event-fired", true);
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("quickstores.toolbar.affid", "2003");
[-] [C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js] [Preference] Gelöscht : user_pref("quickstores.toolbar.guid", "{AA081BF9-98AB-2F50-A418-5C1D7745B636}");
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : delta-search.com
[-] [C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : webssearches

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [71596 Bytes] ##########
         

Alt 30.12.2015, 23:27   #7
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

Logs Anti Malware und FRST



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.12.2015
Suchlaufzeit: 20:42:02
Protokolldatei: MAW.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.30.04
Rootkit-Datenbank: v2015.12.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Nikos

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 401904
Abgelaufene Zeit: 1 Std., 0 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
[CODE]
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:30-12-2015
durchgeführt von Nikos (Administrator) auf NIKOS-PC (30-12-2015 22:17:26)
Gestartet von C:\Users\Nikos\Desktop
Geladene Profile: IUSR_NMPR & Nikos &  (Verfügbare Profile: IUSR_NMPR & Nikos)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
() C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
() C:\Program Files\dcmsvc\dcmsvc.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
() C:\Program Files\phonostar-Player\phonostarTimer.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2008-04-03] (Google)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [111936 2008-09-03] (Apple Inc.)
HKLM\...\Run: [SAFEOEM HotKeys] => C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe [26112 2008-12-11] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256 2010-10-14] (RealNetworks, Inc.)
HKLM\...\Run: [dcmsvc] => C:\Program Files\dcmsvc\dcmsvc.exe [30440 2009-04-07] ()
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\RunOnce: [Adobe Speed Launcher] => 1418941746
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-06-24] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [phonostarTimer] => C:\Program Files\phonostar-Player\phonostarTimer.exe [39936 2010-04-01] ()
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [{0D60629E-6757-4B1A-1A32-7835EEAA2F15}] => C:\Users\Nikos\AppData\Roaming\Yhtop\ogirafh.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1418941746
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {15ca7099-9380-11e0-9207-c68156decc91} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf933e2-20a0-11e0-89c9-ecb57d8f8c57} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dce98f1-939b-11e0-b139-8f82e272fcf4} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9879ed16-2ff9-11e3-91a7-94094ca61297} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.hta
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf9533a-938c-11e0-9797-e65ff4982107} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95348-938c-11e0-9797-d0b990c9d355} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cdf95360-938c-11e0-9797-89ee9383e3d5} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e27e-f28a-11e0-beb6-95a08ebf4934} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e288-f28a-11e0-beb6-eee2e2166bed} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e29a-f28a-11e0-beb6-8936c160e657} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457e2a4-f28a-11e0-beb6-a3c51c88021e} - J:\AutoRun.exe
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-06-22]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk [2010-10-23]
ShortcutTarget: Warner Bros.lnk -> C:\Program Files\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B99534D-2400-4DC0-9113-8BECB8EC9273}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5C3F7A78-9AC4-4A54-B0DF-4F12F7C29A6C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CAD71E9E-1831-483C-B9E3-9F2820B5E4F8}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130863806944982000&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
URLSearchHook: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  Keine Datei
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  Keine Datei
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  Keine Datei
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {98D25937-10C2-49A3-B17B-893D6733D12D} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-14] (RealPlayer)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: Speckie -> {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} -> C:\Users\Nikos\AppData\Roaming\Speckie\bin32\Speckie32.dll [2013-06-02] (Versoworks Pty Ltd)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO: livetvbar Toolbar -> {ad55c869-668e-457c-b270-0cfb2f61116f} -> C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM - livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> livetvbar Toolbar - {AD55C869-668E-457C-B270-0CFB2F61116F} - C:\Program Files\livetvbar\tblive.dll [2008-07-10] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  Keine Datei
DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} hxxps://account.maxdome.de/presentation/script/HWTest.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} hxxp://de.bookmarks.yahoo.com/YbConvFav.CAB
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} hxxp://whkd.dvrdns.org/JpegInst.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default
FF DefaultSearchUrl: hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-10] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2008-03-19] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npgcplug.dll [2008-09-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-10-14] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\searchplugins\userlogos.xml [2009-01-06]
FF Extension: Low Quality Flash - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\low_quality_flash@pie2k.com [2015-05-30]
FF Extension: Greek Translator - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\extensions\{A17292E8-DE0B-11DA-BCE2-92ABFC5AF602}.xpi [2015-05-30]
FF Extension: Avira Browser Safety - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\abs@avira(233).com [2015-12-15]
FF Extension: AnyColor - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\anycolor.pavlos256@gmail.com [2010-08-22] [ist nicht signiert]
FF Extension: German Dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] [ist nicht signiert]
FF Extension: Greek Spelling dictionary - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\el-GR@dictionaries.addons.mozilla.org [2015-12-19] [ist nicht signiert]
FF Extension: Fast Dial - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\fastdial@telega.phpnet.us [2015-11-21]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: YouTube™ Flash® Player - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-11-28]
FF Extension: YesScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\yesscript@userstyles.org.xpi [2015-05-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27] [ist nicht signiert]
FF Extension: Flash Game Maximizer - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [2015-05-30]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169) [2008-06-23] [ist nicht signiert]
FF Extension: Google Toolbar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(95) [2011-04-18] [ist nicht signiert]
FF Extension: Flashblock - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-29]
FF Extension: eBay Sidebar for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2015-05-30]
FF Extension: NoScript - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: iMacros for Firefox - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(132) [2013-09-13] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(123) [2013-09-15] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(133) [2013-09-14] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(881) [2009-04-10] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: GooglePreview - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(68) [2009-05-07] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{ad55c869-668e-457c-b270-0cfb2f61116f} [2015-12-27] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-15] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-14] [ist nicht signiert]
FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden
FF HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2013-10-25]

Chrome: 
=======
CHR Profile: C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (a2zLyrics-1) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn [2013-09-14]
CHR Extension: (YouTube) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Google-Suche) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-05]
CHR Extension: (Google Mail) - C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-10-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [930944 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1222952 2015-12-05] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ClipInc001; C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe [1412608 2008-04-30] () [Datei ist nicht signiert]
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [Datei ist nicht signiert]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2008-04-03] (Google) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-28] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
S3 SoundMovieServer; C:\Windows\system32\snmvtsvc.exe [184320 2008-04-17] (SoundMovieServer) [Datei ist nicht signiert]
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [Datei ist nicht signiert]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert]
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [Datei ist nicht signiert]
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]
S2 BGLiveSvc; "C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe" [X]
S2 BgMainSvc; C:\Program Files\BullGuard Software\BullGuard\BsMain.dll [X]
S2 BsFileScan; C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll [X]
S2 BsMailProxy; C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2008-09-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [50896 2008-04-03] (BullGuard Ltd.)
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-05] (www.winchiphead.com) [Datei ist nicht signiert]
R3 DrmCDriverV32; C:\Windows\System32\drivers\DrmCDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R3 DrmCVideo32; C:\Windows\System32\DRIVERS\DrmCVideo32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2008-02-20] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-09-10] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200 2015-12-30] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 MovRVDrv32; C:\Windows\System32\DRIVERS\MovRVDrv32.sys [3768 2008-04-17] (Windows (R) 2000 DDK provider)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R1 SLEE_16_DRIVER; C:\Windows\system32\drivers\Sleen16.sys [79104 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
R3 SndTDriverV32; C:\Windows\System32\drivers\SndTDriverV32.sys [23096 2008-04-17] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-04-27] () [Datei ist nicht signiert]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25088 2007-04-25] (The OpenVPN Project)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [26784 2007-12-11] (RapidSolution Software AG)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [1499648 2008-09-10] (C-Media Electronics Inc)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U3 ay94mq87; C:\Windows\system32\Drivers\ay94mq87.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [Datei ist nicht signiert]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [28160 2008-01-21] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-30 22:17 - 2015-12-30 22:18 - 00056557 _____ C:\Users\Nikos\Desktop\FRST.txt
2015-12-30 22:15 - 2015-12-30 22:15 - 00000000 ____D C:\Users\Nikos\Desktop\FRST-OlderVersion
2015-12-30 21:57 - 2015-12-30 21:57 - 00001257 _____ C:\Users\Nikos\Desktop\MAW.txt
2015-12-30 20:40 - 2015-12-30 20:42 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-30 20:38 - 2015-12-30 20:38 - 00000863 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-30 20:38 - 2015-12-30 20:38 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-12-30 20:38 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-30 20:38 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-30 20:38 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-30 20:33 - 2015-12-30 20:33 - 22908888 _____ (Malwarebytes ) C:\Users\Nikos\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-30 20:30 - 2015-12-30 20:30 - 00071676 _____ C:\Users\Nikos\Desktop\AdwCleaner[C1].txt
2015-12-30 20:17 - 2015-12-30 20:17 - 01743360 _____ C:\Users\Nikos\Desktop\AdwCleaner_5.026.exe
2015-12-30 19:29 - 2015-12-30 19:29 - 00000000 ____D C:\Users\Nikos\Desktop\RevoUninstallerPortable
2015-12-30 19:26 - 2015-12-30 19:26 - 02785665 _____ (PortableApps.com) C:\Users\Nikos\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-12-30 12:58 - 2015-12-30 13:45 - 00234960 _____ C:\TDSSKiller.3.1.0.9_30.12.2015_12.58.38_log.txt
2015-12-27 14:25 - 2015-12-28 13:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-23 15:31 - 2015-12-23 15:31 - 00000000 ____D C:\Program Files\CCleaner
2015-12-21 22:26 - 2015-12-30 22:06 - 00000000 ____D C:\Users\Nikos\Desktop\Tools gegen Makros virus
2015-12-21 22:23 - 2015-12-21 22:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Nikos\Desktop\tdsskiller.exe
2015-12-21 12:57 - 2015-12-21 12:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-12-21 12:47 - 2015-12-21 12:48 - 164803434 _____ C:\Users\Nikos\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-12-21 12:03 - 2015-12-30 22:17 - 00000000 ____D C:\FRST
2015-12-21 12:01 - 2015-12-30 22:15 - 01721856 _____ (Farbar) C:\Users\Nikos\Desktop\FRST.exe
2015-12-16 20:33 - 2015-12-16 20:33 - 01304503 _____ C:\Users\Nikos\Downloads\Neues aus Uhlenhorst - Elternbrief 2015-12-14.pdf
2015-12-15 18:37 - 2015-12-15 18:37 - 00165905 _____ C:\Users\Nikos\Downloads\Rechnung-201529324-28275.pdf
2015-12-10 11:56 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-10 11:56 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-10 11:56 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-10 11:56 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-10 11:56 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 11:56 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 11:56 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-10 11:56 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 11:54 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 11:52 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 11:52 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 11:52 - 2015-11-05 08:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 13:30 - 2015-12-10 12:59 - 00322560 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2015.xls
2015-12-09 11:52 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 11:52 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 11:52 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 11:52 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 11:52 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 11:52 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 11:52 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 11:52 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-09 11:52 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-09 11:52 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 11:52 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 11:52 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-05 22:36 - 2015-12-05 22:36 - 01190616 _____ (Adobe Systems Incorporated) C:\Users\Nikos\Downloads\flashplayer19_a_install.exe
2015-12-01 13:09 - 2015-12-01 13:09 - 00000000 ____D C:\premium(0)

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-30 22:14 - 2011-10-04 23:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job
2015-12-30 21:57 - 2009-06-12 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Suche Schutzvorkehrung
2015-12-30 21:52 - 2009-12-19 18:23 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 21:47 - 2011-09-25 22:52 - 00000000 ____D C:\Program Files\DVDFab 8122QtBeta
2015-12-30 21:47 - 2011-09-25 22:08 - 00000000 ____D C:\Program Files\DVDFab 8.1.1.8
2015-12-30 21:47 - 2011-09-25 20:55 - 00000000 ____D C:\Program Files\DVDFab 8 Qt
2015-12-30 21:47 - 2008-04-06 22:09 - 00000000 ____D C:\Program Files\Unlocker
2015-12-30 21:47 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2015-12-30 21:44 - 2012-04-08 19:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-30 20:30 - 2013-09-15 12:22 - 00000000 ____D C:\AdwCleaner
2015-12-30 20:29 - 2014-03-17 23:08 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-30 20:28 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\ApplicationHistory
2015-12-30 20:27 - 2009-12-19 18:23 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-30 20:26 - 2009-07-22 16:25 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-30 20:26 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-30 20:26 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-30 20:26 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-30 20:24 - 2008-09-08 17:14 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-12-30 20:24 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-30 20:22 - 2008-06-23 18:19 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Yahoo!
2015-12-30 13:19 - 2009-03-24 10:11 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2015-12-29 20:16 - 2008-10-03 12:31 - 01643318 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-29 20:16 - 2008-01-21 08:15 - 00702178 _____ C:\Windows\system32\perfh007.dat
2015-12-29 20:16 - 2008-01-21 08:15 - 00158346 _____ C:\Windows\system32\perfc007.dat
2015-12-29 20:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-29 15:44 - 2012-04-08 19:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 15:44 - 2011-05-15 15:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-28 22:34 - 2012-10-20 19:34 - 00000000 ____D C:\Users\Nikos\Desktop\SINTAGES
2015-12-28 13:37 - 2012-04-24 22:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-27 01:14 - 2011-10-04 23:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job
2015-12-25 23:56 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\Google
2015-12-25 00:00 - 2008-04-16 21:04 - 00000000 ____D C:\Users\Nikos\AppData\Local\PokerStars.EU
2015-12-23 16:32 - 2008-04-16 21:04 - 00000000 ____D C:\Program Files\PokerStars
2015-12-23 15:31 - 2010-12-26 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-23 14:55 - 2008-04-04 22:21 - 00146944 _____ C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-22 12:02 - 2008-04-03 18:39 - 00122056 _____ C:\Users\Nikos\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-22 12:00 - 2006-11-02 13:47 - 00435320 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-21 12:58 - 2013-09-02 17:39 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-12-17 22:18 - 2014-08-20 21:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 22:18 - 2013-08-08 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-17 21:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-17 21:47 - 2008-04-03 18:38 - 00000000 ____D C:\Users\Nikos
2015-12-17 21:47 - 2008-02-20 13:07 - 00000000 ___HD C:\Users\IUSR_NMPR
2015-12-17 21:47 - 2006-11-02 11:22 - 73924608 _____ C:\Windows\system32\config\software_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 47972352 _____ C:\Windows\system32\config\components_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 43778048 _____ C:\Windows\system32\config\system_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-12-17 21:47 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-12-17 21:46 - 2014-04-29 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Reihe · Business Line
2015-12-17 21:46 - 2012-08-03 19:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-17 21:46 - 2011-10-04 23:40 - 00000000 ____D C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-17 21:46 - 2008-04-03 18:39 - 00000000 ____D C:\Users\Nikos\AppData\Local\TVEnhance
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2015-12-17 21:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2015-12-17 21:22 - 2015-01-14 09:28 - 00000000 ____D C:\Users\Nikos\Desktop\willy.tel rechnung
2015-12-15 18:36 - 2008-04-04 00:23 - 00000000 ____D C:\Users\Nikos\AppData\Local\Adobe
2015-12-11 13:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-12-11 12:31 - 2008-06-24 14:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 01:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-12-10 11:58 - 2010-06-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 11:52 - 2013-08-16 08:51 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 11:35 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-09 19:45 - 2014-12-30 23:58 - 00296960 _____ C:\Users\Nikos\Downloads\Documents\Gewinn 2014.xls
2015-12-05 19:58 - 2015-01-10 00:57 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-05 19:58 - 2015-01-10 00:57 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-02 13:25 - 2009-10-03 00:54 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-05-25 19:40 - 2010-05-25 19:40 - 145988770 _____ () C:\Program Files\openofficeorg1.cab
2010-05-25 19:43 - 2010-05-25 19:43 - 3099136 _____ () C:\Program Files\openofficeorg32.msi
2010-05-25 19:41 - 2010-05-25 19:41 - 0460088 _____ () C:\Program Files\setup.exe
2010-05-25 18:46 - 2010-05-25 18:46 - 0000290 _____ () C:\Program Files\setup.ini
2012-12-03 18:29 - 2012-12-03 18:29 - 0000288 _____ () C:\Users\Nikos\AppData\Roaming\.backup.dm
2010-05-14 02:38 - 2010-05-14 02:45 - 0001028 _____ () C:\Users\Nikos\AppData\Roaming\AVIEncoder.wff
2008-12-11 21:53 - 2009-01-03 20:59 - 0000000 _____ () C:\Users\Nikos\AppData\Roaming\AVSDVDPlayer.m3u
2008-04-06 19:57 - 2014-03-24 00:25 - 0000196 _____ () C:\Users\Nikos\AppData\Roaming\Default.PLS
2009-01-02 13:24 - 2009-01-04 17:45 - 0081920 _____ () C:\Users\Nikos\AppData\Roaming\ezpinst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0087608 _____ () C:\Users\Nikos\AppData\Roaming\inst.exe
2008-06-05 17:51 - 2011-09-25 20:41 - 0007887 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.cat
2008-06-05 17:51 - 2011-09-25 20:41 - 0001144 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.inf
2008-06-05 17:51 - 2011-09-25 20:41 - 0000055 _____ () C:\Users\Nikos\AppData\Roaming\pcouffin.log
2008-06-05 17:51 - 2011-09-25 20:41 - 0047360 _____ (VSO Software) C:\Users\Nikos\AppData\Roaming\pcouffin.sys
2008-04-03 20:12 - 2013-09-14 11:07 - 0000460 _____ () C:\Users\Nikos\AppData\Roaming\wklnhst.dat
2011-01-19 13:57 - 2015-11-02 19:45 - 0001188 _____ () C:\Users\Nikos\AppData\Local\crc32list11.txt
2008-04-03 23:34 - 2015-07-19 18:01 - 0008268 _____ () C:\Users\Nikos\AppData\Local\d3d9caps.dat
2008-04-04 22:21 - 2015-12-23 14:55 - 0146944 _____ () C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-04-03 18:39 - 2008-04-03 18:39 - 0000093 _____ () C:\Users\Nikos\AppData\Local\fusioncache.dat
2008-05-19 11:27 - 2008-05-19 11:27 - 0000022 _____ () C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
2008-04-08 17:59 - 2008-04-08 17:59 - 0000305 _____ () C:\ProgramData\addr_file.html
2008-04-03 19:18 - 2010-01-22 19:35 - 0021183 _____ () C:\ProgramData\hpzinstall.log
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.001
2010-05-14 15:19 - 2010-05-21 01:07 - 0034901 _____ () C:\ProgramData\nvModes.dat
2008-04-25 20:34 - 2008-04-25 20:34 - 0004977 _____ () C:\ProgramData\ywasvxup.hvs

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\dcmsvcsetup.exe
C:\Users\Public\invokesi.exe


Einige Dateien in TEMP:
====================
C:\Users\Nikos\AppData\Local\Temp\AskSLib.dll
C:\Users\Nikos\AppData\Local\Temp\avgnt.exe
C:\Users\Nikos\AppData\Local\Temp\GdiPlus.dll
C:\Users\Nikos\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Nikos\AppData\Local\Temp\sfareca00001.dll
C:\Users\Nikos\AppData\Local\Temp\sfextra.dll
C:\Users\Nikos\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-30 20:34

==================== Ende vom FRST.txt ============================
         
--- --- ---

Alt 30.12.2015, 23:29   #8
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

FRST Addition



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:30-12-2015
durchgeführt von Nikos (2015-12-30 22:20:03)
Gestartet von C:\Users\Nikos\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-04-03 17:29:46)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1865184633-4289980622-1215388488-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1865184633-4289980622-1215388488-1002 - Limited - Enabled)
Gast (S-1-5-21-1865184633-4289980622-1215388488-501 - Limited - Disabled)
IUSR_NMPR (S-1-5-21-1865184633-4289980622-1215388488-1003 - Limited - Enabled) => C:\Users\IUSR_NMPR
Nikos (S-1-5-21-1865184633-4289980622-1215388488-1004 - Administrator - Enabled) => C:\Users\Nikos

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12th Century BlackJack 2.1.3  (HKLM\...\12th Century BlackJack) (Version: 2.1.3 - hxxp://www.bksoft.de)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3D-Fahrschule Demo (HKLM\...\3D-Fahrschule Demo) (Version:  - )
3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.8.0720b - Xilisoft)
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ALDI Foto Manager Free Nord (HKLM\...\ALDI Foto Manager Free Nord D) (Version: 3.4.0.466 - MAGIX AG)
ALDI Foto Service Nord (HKLM\...\ALDI Foto Service Nord D) (Version: 1.12.0.93 - MAGIX AG)
ALDI Online Druck Service (Nord) (HKLM\...\ALDI Online Druck Service (Nord)) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version:  - )
Asterix bei den Olympischen Spielen (HKLM\...\Asterix at the Olympic Games) (Version:  - Atari)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
AVIConverter 2.1 (HKLM\...\AVIConverter) (Version: 2.1 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
BattlEye Uninstall (HKLM\...\BattlEye for A2) (Version:  - )
Bing Bar (HKLM\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Blaze Media Pro (HKLM\...\Blaze Media Pro) (Version:  - Mystik Media)
Blaze Media Pro (Version: 8.0 - Mystik Media) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{0830C2E8-01B9-4CD1-B218-12B0107D5BED}) (Version: 0.9.10 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D1300 (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D1300_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler 2 - Die nächste Generation - Demoversion (HKLM\...\S2TNGDemo) (Version:  - )
Diercke Globus (HKLM\...\Diercke Globus) (Version: 1.1 - Imagon GmbH)
dolp_demo (HKLM\...\{6CA671A5-954C-4B75-8104-7B085246A8B5}) (Version: 1.0.0.0 - Maze)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD2one V2.2.1 (HKLM\...\DVD2one V2) (Version: 2.2.1 - Eximius B.V.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
EmptyInstaller2 (HKLM\...\{6473B3D0-B05C-4D2F-A7EC-BECB512FCB14}) (Version: 1.0.0.0 - Maze)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Facebook Plug-In (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
FileConverter 1.3 Toolbar (HKLM\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Find Junk Files (HKLM\...\Find Junk Files) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Fußball WM-Chronik (HKLM\...\InstallShield_{50C5FC87-CDF3-445E-86CE-FE4F7703F075}) (Version: 1.00.0000 - USM)
Fußball WM-Chronik (Version: 1.00.0000 - USM) Hidden
GBalph NDSMovie Converter V1.00 (HKLM\...\{5B4F13B0-62C4-4F70-B9A6-3788196EC972}) (Version: 1.00.0000 - GBalpha)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GSGÂ*eXtract (HKLM\...\GSGÂ*eXtract) (Version:  - )
HP Deskjet & Photosmart Printer Driver Software 8.0.A (HKLM\...\{981DE354-9301-440f-AAFC-025AA2354A93}) (Version: 8.0 - HP)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{9FAAE06C-DEDD-4299-B88D-1F9AD5E1547F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
ImTOO MPEG Encoder (HKLM\...\ImTOO MPEG Encoder) (Version: 3.1.54.0404b - ImTOO)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
JAP (HKLM\...\JAP) (Version: 00.010.003 - JAP-Team)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LibreOffice 4.4.3.2 (HKLM\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
livetvbar Toolbar (HKLM\...\livetvbar Toolbar) (Version:  - )
LookDisk (HKLM\...\LookDisk) (Version:  - )
M3 SAKURA V1.42 European (GAME PATCH V4.5Beta) (HKLM\...\{ADE237A0-0B2B-4009-AE91-3FF0989C28CD}) (Version: 1.4.2 - GBalpha)
M3 SAKURA V1.47 Global (GAME PATCH V4.8b) (HKLM\...\{F3FB33E7-6058-4C95-8FCE-9C0E01EAF946}) (Version: 1.4.7 - GBalpha)
Magical Kingdom (HKLM\...\{E50CE67B-9E1F-4638-AD3A-D33C7889D23E}) (Version: 1.0.0.3 - Maze)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2516 - CyberLink Corp.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Payne 2 (HKLM\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Media Converter SA Edition 0.8 (HKLM\...\Media Converter SA Edition) (Version: 0.8 - Pascal Beyeler)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
MEDION Fotos auf CD Nord (HKLM\...\MEDION Fotos auf CD Nord D) (Version: 6.0.2.0 - MAGIX AG)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version:  - )
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Moorhuhn 3 DL (HKLM\...\{FF895069-BD9A-11D5-986D-00500443CF9F}) (Version:  - )
Moorhuhn Kart 2 XS (HKLM\...\{DDABECD7-C579-4477-8B5F-B817AF54B2DC}) (Version:  - )
MOV Converter 3 (HKLM\...\MOV Converter 3) (Version: 3.1.8.0720b - Xilisoft)
Movavi Video Converter 6 (HKLM\...\{F2DF7839-7B71-4E34-BB8D-552E182082C9}) (Version: 6.03.000 - MOVAVI)
Mozilla Firefox 43.0.2 (x86 de) (HKLM\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MP3 Player Utilities 3.68 (HKLM\...\{5DFDB75C-DA8C-45DB-987C-67000BB6C3B9}) (Version: 1.0.0 - myMPxPlayer.org)
MP3 Player Utilities 4.00 (HKLM\...\{7784A172-61F1-445E-8368-601607E0DD22}) (Version: 4.00 -  )
MP3 Player Utilities 4.15 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.15 -  )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia Lifeblog 2.5 (HKLM\...\{E94603CA-2996-4154-8EE2-A5FCD4BFB500}) (Version: 2.5.224 - Nokia)
Nokia NSeries Application Installer (HKLM\...\{FD349381-D79C-4E5C-8980-015DFFB962D5}) (Version: 6.82.15 - Nokia)
Nokia NSeries Content Copier (HKLM\...\{F779EC8D-6703-4C4A-817C-37B07898E647}) (Version: 6.82.15 - Nokia)
Nokia NSeries One Touch Access (HKLM\...\{F4EE8763-EAA8-4BC1-8594-8501F5F00414}) (Version: 6.82.15 - Nokia)
Nokia NSeries System Utilities (HKLM\...\{96E94E18-54D6-42C1-8FC4-24DACEDC3395}) (Version: 6.82.16 - Nokia)
Nokia Software Launcher (HKLM\...\{A8C856AD-63CD-4613-AA29-E6C85607EA06}) (Version: 1.6.80 - Nokia)
Nokia Software Updater (HKLM\...\{3186AEAE-E104-424D-9152-1BF6A4404758}) (Version: 01.03.085.28569 - Nokia Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
O&O MediaRecovery (HKLM\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice 4.1.1 Language Pack (German) (HKLM\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 9.52 (HKLM\...\{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}) (Version: 9.52 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery)
Phoenix Backup Professional (HKLM\...\{BF34527D-7B27-43AD-9994-7B3ABCEF3625}) (Version: 3.5.000 - SYDATEC)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.0.4310 - CyberLink Corp.)
PixiePack Codec Pack (HKLM\...\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}) (Version: 0.10.6.0 - None)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.2.2504 - CyberLink Corp.)
Prism Video Converter (HKLM\...\Prism) (Version:  - NCH Software)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealArcade (HKLM\...\RealArcade 1.2) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.60 (HKLM\...\Revo Uninstaller) (Version: 1.60 - VS Revo Group)
RonyaSoft CD DVD Label Maker 2.01 (HKLM\...\RonyaSoft CD DVD Label Maker) (Version: 2.01 - RonyaSoft)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version:  - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden
SF_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden
Silverjuke 2.51 (HKLM\...\Silverjuke) (Version: 2.51 - Bjoern Petersen Software Design and Development)
SLD CODEC PACK 1.5.3 (HKLM\...\SLD CODEC PACK 1.5.3) (Version:  - )
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Speckie (HKLM\...\{C1A4F1E2-46E6-4EEE-B183-B10908BEF30F}) (Version: 5.9.1 - Versoworks)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steganos Safe OEM (HKLM\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Stream Torrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version:  - )
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{B23B43B5-DDDC-41DA-9700-F334744E694E}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPER RTL - Clubs 2.1 (HKLM\...\SUPER RTL - Clubs) (Version: 2.1 - SynthiCon AG)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Swift Sound)
System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC)
Systemsteuerung "MobileMe" (HKLM\...\{6DA9102E-199F-43A0-A36B-6EF48081A658}) (Version: 2.1.0.24 - Apple Inc.)
Tobit.Software ClipInc (HKLM\...\Tobit ClipInc Server) (Version:  - Tobit.Software)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Treiber-Studio Heft-Ausgabe 1.5.0.0  (HKLM\...\Treiber-Studio Heft-Ausgabe) (Version: 1.5.0.0 - )
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4916 - CyberLink Corp.)
TVAnts 1.0 (HKLM\...\TVAnts 1.0) (Version:  - )
TVsweeper 3 (HKLM\...\{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}) (Version: 3.0.3 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Videora iPod Converter 3.00 (HKLM\...\Videora iPod Converter) (Version: 3.00 - Red Kawa Inc.)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 4.6.5 - Shark007)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.541  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Mein Geld 2008 Professional (HKLM\...\{D8D22773-14BF-4178-A683-3DBA515C2A26}) (Version: 9.00.01.0023 - Buhl Data Service GmbH)
WISO Sparbuch 2009 (HKLM\...\{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}) (Version: 16.00.6228 - Buhl Data Service GmbH)
WISO Sparbuch 2010 (HKLM\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{E27015CD-CE60-4D7A-A194-1EDB6F0294B8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM\...\{4A07FBD0-6B15-4066-81BE-9C6F56BF3374}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wonderland (HKLM\...\Wonderland) (Version:  - )
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\XBMC) (Version:  - Team XBMC)
XBMC (HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\XBMC) (Version:  - Team XBMC)
Xilisoft DVD Creator (HKLM\...\Xilisoft DVD Creator) (Version: 3.0.39.1212 - Xilisoft)
Xilisoft Video Converter (HKLM\...\Xilisoft Video Converter) (Version: 3.1.34.0629b - Xilisoft)
XMedia Recode 2.0.5.3 (HKLM\...\XMedia Recode) (Version: 2.0.5.3 - Sebastian Dörfler)
XP Codec Pack (HKLM\...\XP Codec Pack) (Version:  - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Suche Schutzvorkehrung (HKLM\...\Yahoo! Search Defender) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\axfbootloader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" => Keine  (Der Dateneintrag hat 5 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.135\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.27.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.23.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.145\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.123\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.153\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.13\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.3\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.165\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{A5DC33CE-214B-4C26-8596-8A45456C9EB8}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{BEE9C324-3E00-11D4-823D-00D0B74C5265}\localserver32 -> C:\Program Files\Real\RealArcade\RNArcade.exe (RealNetworks)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.26.9\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Nikos\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.25.11\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.28.15\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{DA5F0C98-4A7B-4C92-915E-4BE1BC95DE99}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.22.5\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> kein Dateipfad

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00BE7185-5F1A-43C0-841C-E8AD68D8BBC4} - System32\Tasks\{10B97F12-AA7F-4903-A405-D74A04A02705} => pcalua.exe -a E:\SetupAssistant.exe -d E:\
Task: {0B3E7A5F-B901-4D04-9259-C015B138F1CC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {0F4F6AF1-C77D-4E08-85D9-FEBB65E5E4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {11B0894E-EBCE-4AAB-8F8B-4013E73385A2} - System32\Tasks\{94080AF5-9C42-4005-81E6-24B1E650BC1E} => pcalua.exe -a C:\Users\Nikos\Downloads\unlocker1.8.7.exe -d C:\Users\Nikos\Downloads
Task: {12B11D5D-2993-47F4-9270-46E04933A8CF} - System32\Tasks\{F3E24BE1-F331-4D0D-BD46-503BDEE7717D} => pcalua.exe -a "C:\Users\Nikos\Desktop\ALLES FÃœR NDS\Lunar IPS.exe" -d "C:\Users\Nikos\Desktop\ALLES FÃœR NDS"
Task: {168BA2CF-94D6-474B-B659-3283CB39D762} - System32\Tasks\{240A4E2B-8314-403B-BF24-ADFDFE93354C} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner (2)\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner (2)"
Task: {16E4CC5F-7DF7-4BFC-92C0-9EC968B3B6BF} - System32\Tasks\{00BF5DC6-FDDC-48BF-9017-04EEC67AE43F} => pcalua.exe -a C:\Users\Nikos\Desktop\sw5_6520_eu.exe -d C:\Users\Nikos\Desktop
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {231E0501-6AC1-420F-8A83-EF999F81EAA7} - System32\Tasks\{DF09BE72-43DD-4305-9F7E-A1774FCDB454} => pcalua.exe -a C:\Users\Nikos\Desktop\XMediaRecode2053_setup.exe -d C:\Users\Nikos
Task: {2708CB5F-8F92-4B5C-83A6-E1A97D7E2EF9} - System32\Tasks\{99BABFB4-4F16-4BD4-A05B-BFF67E26FB78} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {2AEABF7F-795C-4666-8B09-18E661369557} - System32\Tasks\{120445C3-D540-456D-8DF0-70E4FF15F2B1} => pcalua.exe -a "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut\Setup.exe" -d "C:\Users\Nikos\Desktop\Moorhuhn\Moorhuhn.DIRECTORS.CUT-Mohsen6558\Moorhuhn directors cut"
Task: {321CA7E7-C48A-4A10-8BF4-395321F9A4C8} - System32\Tasks\{B44C65CF-D43C-488A-B75E-A987F4403661} => pcalua.exe -a C:\Users\Nikos\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Nikos
Task: {34533105-4D81-4652-9399-B189F4B2FE73} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {364076C4-05DA-4B85-AD23-C7B6967E5EF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {3BE9D675-0541-42C7-8ACF-D15A48FB9B5E} - System32\Tasks\{A138F0C9-67D3-44F5-BAB5-2B7BD156D5D2} => pcalua.exe -a "C:\Program Files\VistaCodecPack\Tools\InstalledCodec.exe" -d "C:\Program Files\VistaCodecPack\Tools\"
Task: {44D97E15-7636-481C-A83F-EA46F946D820} - System32\Tasks\{4CB191AA-F68D-49DB-A863-211EF758A25A} => pcalua.exe -a C:\PROGRA~1\MICROS~3\Office12\Moc.exe -d "C:\Users\Nikos\Desktop\Neuer Ordner" -c "C:\Users\Nikos\Desktop\Neuer Ordner\PresentationLoad-3D-Vorlagen.pptx"
Task: {515414C4-74D2-47E4-87E5-49E4DC94DA89} - System32\Tasks\{49ACCF4B-A098-495D-B44D-BC8B6B22F590} => pcalua.exe -a E:\setup.exe -d E:\
Task: {55783787-C5DE-4049-A0DC-0F43EF7F6694} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {587F68AD-9635-47E2-B647-17F90CD838D1} - System32\Tasks\{8265807A-6E3A-42BF-87FD-BC6D234158EF} => pcalua.exe -a "C:\Program Files\eRightSoft\SUPER\Setup.exe" -d "C:\Program Files\eRightSoft\SUPER" -c /remove
Task: {6F3BEC83-FEB2-47C9-828E-811D071213FE} - System32\Tasks\{C79FFAE0-15D5-4CD4-A837-C2B4C989D0F7} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\MagicDVDCopier471.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {71439A45-A908-4FBD-9532-01BD7546FF86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {74BDEF06-C4BF-4CB1-BD36-6D638DE3C525} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {76D771A3-F641-4632-86D4-5B046570B782} - System32\Tasks\{A8AD5988-D9CA-4A4E-9720-FE24DC271413} => pcalua.exe -a c:\Users\Nikos\Downloads\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {828A5067-4CE7-4486-A184-C42486F77710} - System32\Tasks\{F097281D-838A-42E8-A844-C8ADA88F8AB9} => pcalua.exe -a J:\OO\DE\OOMediaRecoveryDeu.exe -d J:\OO\DE
Task: {87D918BE-41E3-4159-886B-5A3E0663557E} - System32\Tasks\{6733710C-AD59-4A51-A4E9-EE2E051299F6} => pcalua.exe -a "C:\Program Files\PCast\uninst.exe"
Task: {89654B80-80E6-42EE-8043-724DCFD1FD64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B062C8A-4FBF-4301-810A-2B561E597E27} - System32\Tasks\{B917E915-7176-416B-84AF-BB4B3928F942} => pcalua.exe -a E:\setup.exe -d E:\
Task: {8EAA433D-C477-4212-BD86-11E9CAE95FC6} - System32\Tasks\{68BA138E-CE37-4BB1-AE38-B9D802DE5949} => pcalua.exe -a C:\Users\Nikos\Downloads\mp4_Driver\setup.exe -d C:\Users\Nikos\Downloads\mp4_Driver
Task: {91DD65D7-2879-4B03-844F-CF93A2E889E2} - System32\Tasks\{A4B3955B-0085-4D2A-86DB-84BCC6717498} => pcalua.exe -a c:\Users\Nikos\Downloads\unlocker1.8.6.exe
Task: {A48CC989-C9EC-4341-90FD-D0D66BD5C933} - System32\Tasks\{09C787DC-5B2A-4639-892E-88B38736CBDC} => pcalua.exe -a C:\Windows\system32\BDEADMIN.CPL -c BDE-Verwaltung
Task: {AD4E1F21-77C3-40A8-9D3F-D2B8251EEAFC} - System32\Tasks\{9B8C3F0E-BFA7-487F-A081-B084CCF19051} => pcalua.exe -a "C:\Users\Nikos\Desktop\Neuer Ordner\Mobile_Partner_11.030.01.07.03.exe" -d "C:\Users\Nikos\Desktop\Neuer Ordner"
Task: {B0669124-F4BB-4830-896B-6DC9B2E67E60} - System32\Tasks\{2485666A-3E32-49BA-A08A-F99057EF1BF1} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B3C8AECE-C0D6-4B02-A53D-5CC394AE0A0C} - System32\Tasks\{DC586420-D732-4F9C-A7A9-B8D002BE913B} => pcalua.exe -a C:\PROGRA~1\MICROS~3\OFFICE11\XLVIEW.EXE -d C:\Users\Nikos\Desktop -c /e
Task: {B708D72F-1990-4815-BD13-E9008EEAC32E} - System32\Tasks\{FF41816C-8E44-41D5-9BEA-B70EEBAD5032} => pcalua.exe -a C:\Users\Nikos\Desktop\CONVERTOREN\XMediaRecode2053_setup.exe -d C:\Users\Nikos\Desktop\CONVERTOREN
Task: {BDAA8694-C6F2-4808-9DE1-4CC263839631} - System32\Tasks\{CB70345E-703A-4568-A356-0E6220B64A31} => pcalua.exe -a C:\Users\Nikos\Downloads\Nero-9.2.6.0_trial.exe -d C:\Users\Nikos
Task: {BEBEE22A-268D-4AEA-A761-134B522FDB70} - System32\Tasks\{8E467004-6634-4237-9451-BF9CBACBC7E6} => pcalua.exe -a C:\Users\Nikos\Desktop\Slim1200_de.exe -d C:\Users\Nikos\Desktop
Task: {C0985CF5-FA42-43A9-BED4-F77CF93C4906} - System32\Tasks\{4C1E1956-1384-4CA0-904C-DF3140E27077} => pcalua.exe -a "C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYSQSP8D\GoogleToolbarInstaller[1].exe" -d C:\Users\Nikos
Task: {C0F5EDF9-B795-4E12-B225-F5868EFBC3EA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {CB1FE278-9807-4AE8-B278-E4C6DFF9F439} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)
Task: {DB95491E-2E0B-4DCB-94E4-3281FE7D57E7} - System32\Tasks\{BE3C389D-1E10-4065-9A05-49F75A345419} => pcalua.exe -a C:\Users\Nikos\Desktop\mp4_Driver\setup.exe -d C:\Users\Nikos\Desktop\mp4_Driver
Task: {EE0B0FF5-AF20-4CCA-8BAE-A4EE63F04AC4} - System32\Tasks\{608EE20C-4384-4796-81DC-0F7910E95E88} => pcalua.exe -a "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net\InstMsiW.exe" -d "C:\Users\Nikos\Desktop\MP3 Player Utilities 4.15_www.MegaLeecher.Net"
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {F81B7673-7CD7-417D-9362-A1058B1731CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004Core.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1865184633-4289980622-1215388488-1004UA.job => C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1865184633-4289980622-1215388488-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Nikos\Downloads\Documents\eBay - Der weltweite Online-Marktplatz.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0&currency_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONload.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionload.de
ShortcutWithArgument: C:\Users\Nikos\Desktop\DESKTOP\PLAYER\MEDIONmusic.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.medionmusic.com
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\Make a Donation.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=thom007%40hotmail%2ecom&item_name=Vista%20Codec%20Package&no_shipping=2&no_note=1&tax=0&currency_code=USD&lc=CA&bn=PP%2dDonationsBF&charset=UTF%2d8
ShortcutWithArgument: C:\Users\Nikos\Desktop\CONVERTOREN\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://shark007.testbox.dk

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-06-25 13:17 - 2008-06-07 08:09 - 00022832 _____ () C:\Windows\System32\win2pdfm.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-12-31 13:33 - 2009-12-31 13:33 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ed7d69e2\mscorlib.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f0970aa0\system.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ec1cfc11\system.windows.forms.dll
2009-12-31 13:33 - 2009-12-31 13:33 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3dac4b7b\system.xml.dll
2008-02-19 14:14 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-17 10:31 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-04-27 01:43 - 2008-10-20 21:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2008-02-19 14:32 - 2007-01-09 10:25 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2010-10-14 11:57 - 2010-10-14 11:57 - 00040960 _____ () C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2008-05-02 05:15 - 2008-05-02 05:15 - 00010240 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2008-10-01 14:24 - 2008-10-01 14:24 - 00147456 _____ () C:\Program Files\Steganos Safe OEM\ShellExtension.dll
2008-04-04 12:30 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2005-07-22 07:21 - 2005-07-22 07:21 - 00032768 _____ () C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\AmvTransform.dll
2010-01-14 15:59 - 2009-10-07 21:28 - 00200704 _____ () C:\Program Files\ImageConverter Plus\gpgate.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 01183744 _____ () C:\Program Files\ImageConverter Plus\FCRTL.dll
2010-01-14 15:59 - 2009-10-07 21:24 - 01339392 _____ () C:\Program Files\ImageConverter Plus\fcnv.dll
2010-01-14 15:59 - 2009-10-07 21:22 - 06803456 _____ () C:\Program Files\ImageConverter Plus\fpdf.dll
2010-01-14 15:59 - 2009-10-07 21:18 - 00020992 _____ () C:\Program Files\ImageConverter Plus\MemHandler.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2008-04-05 22:13 - 2007-12-12 10:21 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2008-12-11 09:16 - 2008-12-11 09:16 - 00026112 _____ () C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe
2010-10-23 01:53 - 2009-04-07 12:53 - 00030440 _____ () C:\Program Files\dcmsvc\dcmsvc.exe
2008-02-19 15:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2008-04-05 22:13 - 2007-10-19 16:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2010-05-26 01:31 - 2010-04-01 13:09 - 00039936 _____ () C:\Program Files\phonostar-Player\phonostarTimer.exe
2010-05-26 01:31 - 2009-08-13 11:54 - 02013184 _____ () C:\Program Files\phonostar-Player\QtCore4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 07464448 _____ () C:\Program Files\phonostar-Player\QtGui4.dll
2010-05-26 01:31 - 2009-06-20 06:51 - 00179712 _____ () C:\Program Files\phonostar-Player\QtSql4.dll
2010-05-26 01:31 - 2009-06-20 07:55 - 00344576 _____ () C:\Program Files\phonostar-Player\plugins\sqldrivers\qsqlite4.dll
2015-11-16 17:55 - 2015-11-16 17:55 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2008-04-05 22:13 - 2007-10-19 16:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:0B9D8E22
AlternateDataStreams: C:\ProgramData\TEMP:242231A9
AlternateDataStreams: C:\ProgramData\TEMP:4B7BEAFF
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Software\Classes\.exe:  =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\...\elsteronline.de -> hxxps://www.elsteronline.de
IE trusted site: HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\elsteronline.de -> hxxps://www.elsteronline.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 11:23 - 2009-02-18 10:26 - 00000054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
HKU\S-1-5-21-1865184633-4289980622-1215388488-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Nikos\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F3ECBA52-9DCC-47F6-A021-9E923C2C2B01}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{C6812261-0A3C-43C2-8949-9AE5157D671F}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
FirewallRules: [{850CBDDC-B319-41D0-828D-5B182D38EBCB}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{A96BB2BD-409A-42B9-A526-2B3717225E15}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
FirewallRules: [{9D595453-CD4A-4CFF-9FFD-136623996ED8}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{7BF2D859-36AA-4EB2-B71E-A471BCEF5539}] => (Allow) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
FirewallRules: [{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}] => (Allow) LPort=9442
FirewallRules: [{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}] => (Allow) LPort=1900
FirewallRules: [{CF2CDCB5-D2F6-49D4-A33B-5EF67FA9D1DA}] => (Allow) C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe
FirewallRules: [{7F175D14-9107-4174-AD62-766C7D6740C8}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{391F82BA-B271-4FFF-9768-42063CB88C6B}] => (Allow) C:\Program Files\HomeCinema\PowerDVD\PowerDVD.EXE
FirewallRules: [{185FC6A3-2B03-4813-8182-41FD835D1941}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEnhance.exe
FirewallRules: [{ED2CFFBA-B70F-428F-9C7B-416B44412005}] => (Allow) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
FirewallRules: [TCP Query User{594F2DEB-9E25-4F0B-9E98-930738E75A4F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A039D724-C852-4BB2-9618-BD6FB4C2394B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D183A532-4BAF-4785-98FD-DA54FC227168}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{B43D804E-6FC9-42E0-BC4B-07748F7B3E8F}] => (Allow) C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
FirewallRules: [{D87558D8-C545-43F3-B523-6C0990EE1B46}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [{7ED35175-BC8F-40D3-88FF-EF4850E2C87A}] => (Allow) C:\Program Files\Tobit ClipInc\Player\ClipInc-Player.exe
FirewallRules: [TCP Query User{D165D383-F47B-452B-BDC5-04FCC70D4172}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{89897771-CD2B-44BF-812C-6232B5D65788}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{AFAB67EF-B656-4F40-9C6C-9671417FC63A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A3231AEE-CAE4-46C7-A157-017A8E677939}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{BA16A689-B25D-499F-8531-4B40BF0F2C2B}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{AD2E3A6D-A0DB-44A0-B6C7-61E4485683CD}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{29D7F53B-E847-4AB3-801C-D5FFC541F079}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C1201A86-06E2-4863-90B4-03AA7361CB67}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{E1507264-19F0-43EB-A3EF-77242D435ECA}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [UDP Query User{737DE753-82B2-4629-82FF-4F02087B28E5}C:\program files\real\realplayer\recordingmanager.exe] => (Allow) C:\program files\real\realplayer\recordingmanager.exe
FirewallRules: [TCP Query User{CC5E1C63-578B-4333-95D9-07B7B384E717}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [UDP Query User{6769E18A-6EFC-4726-A3F7-5CBB61CD132C}C:\program files\tvants\tvants.exe] => (Allow) C:\program files\tvants\tvants.exe
FirewallRules: [TCP Query User{BDB3F5D9-831C-4247-81C2-961CEF3E708B}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{5BB4A5B7-393A-49F0-9A8A-D21D088E1E59}C:\program files\tvuplayer\tvuplayer.exe] => (Block) C:\program files\tvuplayer\tvuplayer.exe
FirewallRules: [{9B7C19FA-D923-4F11-AAF0-237AEA9F73F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D23F01CA-594F-4C03-B7B6-C57D358541CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{5848E646-13E1-4DC9-80CD-0E8F9732EC59}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{C982022C-A7D1-46FE-BDDE-83E797DAB6CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe] => (Block) C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{8BB77B86-275E-436A-BA43-5FDB65B04446}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{D740A3D4-11A7-4589-897C-8367416022FB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe] => (Block) C:\program files\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{098A7C6B-0BF2-453B-B70F-CD6F2319B326}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [UDP Query User{4AB7955B-115F-4BE7-9448-C77510362D77}C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe] => (Block) C:\users\nikos\downloads\keygen.magic.dvd.copier.4.7.1.45042.exe
FirewallRules: [TCP Query User{25200373-2AE9-4DB3-8BD7-9632D5260B45}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{33C4E831-53C9-4302-80CE-1C77AD38AFE6}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{4FB1D683-B1F0-475F-8874-892326392BA3}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2972BFAC-EF0F-463A-9764-795C17631725}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{6C0809A0-426D-4330-8A63-809774F297B8}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [UDP Query User{D01EFB15-45F2-4FD9-A082-DF63D020A56B}C:\program files\phonostar-player\phonostar.exe] => (Allow) C:\program files\phonostar-player\phonostar.exe
FirewallRules: [{AFCF677F-2F5D-4C13-A224-7D421F1118CE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EAE71A81-0873-497A-AA9F-FA9650DABE27}] => (Allow) LPort=2869
FirewallRules: [{FC768887-DED2-4A0C-92FE-B5086FCC2932}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{CBD2B1A2-1BFD-44EF-B08D-8F91525089F4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{97297122-7FF4-4439-8581-35655C5F5C98}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{52E46CD5-1D18-4AAF-9C1C-9CE50EE19552}] => (Allow) LPort=80
FirewallRules: [{E0F103B8-968D-4BBC-AD28-2FB01CBB97A8}] => (Allow) LPort=80
FirewallRules: [{FA2716BA-9FEB-47B9-91FC-EA990AE17B32}] => (Allow) LPort=80
FirewallRules: [TCP Query User{15C06BC4-4643-4EF0-A3DD-FF924FD04F8D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{2B34AB91-9E92-4F7F-94B1-FEC1A1D3018E}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{7DDFCB58-FB5E-457F-AC35-3233EB654D0F}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4F2EADE1-0719-49E9-8BCA-5622DF8B6269}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{7CA83392-865A-446D-BFE0-496A7C4505FF}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{984D0F7D-4EB7-4C0D-B883-6CF2B7625575}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0D70E4CE-EA81-4C40-A763-0C870338BCD9}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{C3248F83-AA59-4556-908C-6B75D4DEA877}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{CD9B2571-4206-4F61-81EF-5A4FDC8E8ED9}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{F091261E-7637-4008-913F-0BB52616B39C}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{1AB9F065-D7BA-42B4-8389-21845D513865}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{FA859A85-2C38-4A4F-961C-A2AE38C11EB9}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{4347CA25-3756-4C02-977B-F0823F8A7015}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{25B3A4C1-24BF-4245-9CCC-C05D5DF8514E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{055126E8-DA11-43EF-BDB7-4037918517EE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{ED908A22-74AD-4FE4-800F-021C77BC5AAF}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{BB4B6292-B3EE-4DB5-A8E5-2C1A8E193826}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{891A0DF7-39C4-4788-A2E5-E6839CFF89C7}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{C58B52A6-C708-43F2-B234-FAB16F3BABC4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{71222D28-6D3B-4409-B1A5-FFDDC2F7115C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A94CDEEB-A61C-40BB-A3DD-DEEBA70F9953}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{EC10BB3F-B228-4A3E-BEBF-C3D094E29693}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41B7C7AE-9FB4-4DBE-BB03-270A93A5A156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CCF94E4-2F3E-4DCC-AEF3-63A4C96028BD}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5B8A4346-3F2F-4ABA-BA78-97FD3E04837C}] => (Allow) C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{5A3EEBA5-8AA7-4F3B-BC5B-678326C70CFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7F06858D-9332-4822-8003-1BF015A67755}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{3425A507-6D5B-4594-A4D0-4CDE5AAF8F5A}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{680EC8A3-B0E1-4A54-915E-2D4EEE78F81E}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [TCP Query User{F7F55C8C-DE9C-49EE-842C-B9F21AEAC413}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [UDP Query User{79EC5FE0-F5AD-4F2F-AD48-E3313DF0B4CA}C:\program files\xbmc\xbmc.exe] => (Block) C:\program files\xbmc\xbmc.exe
FirewallRules: [{2CDF1437-3AF3-4FA1-B375-C2C3CFEF1D88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D28A83B8-9674-4DE1-AE97-D4DE7344A1E2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{73C70069-08AB-4797-9FD2-C84C0BFB9E17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A65FD6B1-AA90-499F-9D27-8A0CD6EE7F40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\PPMate\ppmate.exe] => Enabled:PPMate

==================== Wiederherstellungspunkte =========================

19-12-2015 19:23:52 Windows Update
20-12-2015 03:00:13 Windows Update
21-12-2015 10:41:37 Windows Update
21-12-2015 12:51:45 OpenOffice 4.1.2 wird installiert
21-12-2015 12:54:28 OpenOffice 4.1.2 wird installiert
22-12-2015 12:05:27 Windows Update
23-12-2015 10:56:08 Windows Update
23-12-2015 15:38:01 Windows Update
23-12-2015 15:41:39 Windows Update
24-12-2015 13:50:28 Windows Update
24-12-2015 14:18:13 Windows Update
25-12-2015 12:39:27 Windows Update
26-12-2015 15:59:25 Windows Update
27-12-2015 13:11:25 Windows Update
28-12-2015 13:43:24 Windows Update
29-12-2015 14:04:22 Windows Update
30-12-2015 12:51:40 Windows Update
30-12-2015 19:22:01 Removed Ask Toolbar.
30-12-2015 19:24:46 Removed Ask Toolbar.
30-12-2015 19:37:34 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:37:53 Removed Ask Toolbar.
30-12-2015 19:43:43 Revo Uninstaller's restore point - Ask Toolbar Updater
30-12-2015 19:49:23 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:49:41 Removed Ask Toolbar.
30-12-2015 19:54:08 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:54:24 Removed Ask Toolbar.
30-12-2015 19:55:37 Removed Ask Toolbar.
30-12-2015 19:56:01 Removed Ask Toolbar.
30-12-2015 19:58:29 Revo Uninstaller's restore point - Ask Toolbar
30-12-2015 19:58:45 Removed Ask Toolbar.
30-12-2015 20:03:59 Removed Ask Toolbar.
30-12-2015 20:04:37 Removed Ask Toolbar.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/30/2015 10:13:41 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy41,0xc0000000,0x00000003,...)". hr = 0x80070005.


Vorgang:
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (12/30/2015 10:11:59 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy40,0xc0000000,0x00000003,...)". hr = 0x80070005.


Vorgang:
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (12/30/2015 08:26:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2015 07:58:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}

Error: (12/30/2015 07:54:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}

Error: (12/30/2015 07:49:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}

Error: (12/30/2015 07:43:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}

Error: (12/30/2015 07:37:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {dbc1a62b-d612-45ac-8cd0-bb8811e3a9db}

Error: (12/30/2015 07:10:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2015 12:55:00 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.


Systemfehler:
=============
Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Intel(R) Viiv(TM) Media ServerIntel(R) Software Services Manager%%1053

Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) Software Services Manager%%1053

Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Intel(R) Software Services Manager

Error: (12/30/2015 08:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Avira Service Host

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ClipInc 001%%1053

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000ClipInc 001

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard Email Monitoring Service%%126

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard File Scan Service%%126

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BullGuard Main Service%%126

Error: (12/30/2015 08:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BullGuard LiveUpdate%%3


CodeIntegrity:
===================================
  Date: 2015-12-30 22:19:07.102
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:06.556
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:06.150
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:05.776
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:05.245
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:04.684
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:03.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:19:03.389
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:18:21.565
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-30 22:18:21.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 3069.45 MB
Verfügbarer physikalischer RAM: 971.29 MB
Summe virtueller Speicher: 6341.89 MB
Verfügbarer virtueller Speicher: 4033.86 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:145.66 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.52 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A2150798)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== Ende vom Addition.txt ============================
         

Alt 30.12.2015, 23:45   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 31.12.2015, 10:17   #10
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

ESET



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# end=init
# utc_time=2015-12-31 12:43:33
# local_time=2015-12-31 01:43:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 27432
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# end=updated
# utc_time=2015-12-31 12:48:19
# local_time=2015-12-31 01:48:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3df11cf563514d4496e098c2798c821a
# engine=27432
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-31 05:54:31
# local_time=2015-12-31 06:54:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 30199 289073999 0 0
# scanned=390458
# found=36
# cleaned=0
# scan_time=18372
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\FileConverter_1.3ToolbarHelper.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\ldrtbFile.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\prxtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\tbFile.dll.vir"
sh=C17C7DDBB91C801C72EE51F3FA2665E98F1C5F17 ft=1 fh=a0bfbf24d93a8c08 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\livetvbar\tblive.dll.vir"
sh=E0F71AF6D9955EED69EF0775EA537594A07E147C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{ad55c869-668e-457c-b270-0cfb2f61116f}\chrome\livetvbar.jar.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Local\Conduit\CT3241949\FileConverter_1.3AutoUpdateHelper.exe.vir"
sh=76039D5A64EF897B1AA388EED70452774019DB59 ft=1 fh=890f56b03e669e11 vn="Win32/Somoto.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Local\FilesFrog Update Checker\update_checker.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\ldrtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\tbFile.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=4B45816B7F6079519DAA542D698CB7E90E7C0F4B ft=1 fh=fccf593df7a23fe2 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Roaming\Desktopicon\eBayShortcuts.exe.vir"
sh=C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\user.js.vir"
sh=C17C7DDBB91C801C72EE51F3FA2665E98F1C5F17 ft=1 fh=a0bfbf24d93a8c08 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\livetvbar\tblive.dll"
sh=1C57A69E1E31CAAE1B42524427FC75BE3C8BF644 ft=1 fh=c0043c4b8e817953 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Program Files\MP3 Player Utilities 4.00\DelDrv.exe"
sh=AB6513FD1943288D196F8EDC5371009A495BB070 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\VistaCodecs\{5FBFD3A0-7B9A-4AD3-B522-21CF25B7E8B6}\Vista Codec Package.msi"
sh=AB6513FD1943288D196F8EDC5371009A495BB070 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\VistaCodecs\{5FBFD3A0-7B9A-4AD3-B522-21CF25B7E8B6}\Vista Codec Package.msi"
sh=229272D53A564B875A9274C4C7B6A35E2BD3C6E7 ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.GI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW8TQQBB\2[1].zip"
sh=181E8293919890E8529477730992284CB33CAC34 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js"
sh=73D1BB234EAC2EAFE6F4209853E0A12EA3E9F3FA ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js.bak"
sh=5ADA3306DA92ADD77BFAA8D42B044B65661FD9E1 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\faoen3cu.default\prefs.js.new"
sh=9C43EE94C9A1F2577EC13AFBF10BFD63E91C6CE6 ft=1 fh=f43a20e0ad73ec1f vn="Variante von MSIL/Packed.FishNet.A verdächtige Datei" ac=I fn="C:\Users\Nikos\Desktop\ALLES FÜR DIE DVD\DVDFab 8.0.9\DVDFab 8.0.9.2 QT (MrXidus)\Patch\Patch.exe"
sh=C5FE8DD7166AE2FE6D2E867738B2D7521DD26B3D ft=1 fh=c6d89ed62258024e vn="Variante von MSIL/Packed.FishNet.A verdächtige Datei" ac=I fn="C:\Users\Nikos\Desktop\ALLES FÜR DIE DVD\DVDFab 8.1.1.8\DVDFab8118_Beta_BBB\DVDFab.Products.v8.x.x.x.Multi.Patch.v0.8-BBB\Patch.exe"
sh=02F253D2527F578284FF3AAB77AF109B863AE4F0 ft=0 fh=0000000000000000 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\AMV_Convert_400.zip"
sh=E667DAA20C88C0A3726BFD8D9FBE5F1E5A9B8874 ft=1 fh=cac44e7caa7a221d vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\Setup_FreeConverter.exe"
sh=E67F12D1B6D409C44F0D10DFC13A57142BDA7B5D ft=0 fh=0000000000000000 vn="Win32/KillFiles.NEM Trojaner" ac=I fn="C:\Users\Nikos\Desktop\CONVERTOREN\MP3 Player Utilities 4.00\MSI.CAB"
sh=914B83CE56F1E779339AFA645DE46D5F927A0703 ft=1 fh=ab1c30c4ec732841 vn="Variante von Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Desktop\DESKTOP\SoftonicDownloader35742.exe"
sh=4338D5944791D0CE359B859397EABEBE203893C8 ft=1 fh=7fc7dafc36e99ed5 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\Core-Temp-setup.exe"
sh=C95708F43A748061D4C31D39204F5D2FAAE9410D ft=1 fh=4d6416c07f3bf995 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\isobuster_3_0.exe"
sh=FCECA2F3361BCFE8D285621D8F36C08A9D2FE8E4 ft=1 fh=1736e6d6d9506a40 vn="Variante von Win32/Toolbar.iMedix.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\radarsync.exe"
sh=76724D9B8CD7266277A708808C7A714CA94D6BF6 ft=1 fh=fa6ba9c5d726b91e vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\SchnellSchreiben.exe"
sh=734CEFF0A3ADF26844CFF8858A35201CE4AA2884 ft=1 fh=cac44e7c1ca876b6 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\Setup_FreeFlvConverter.exe"
sh=97BABE883C945B23C115B9A8B8D694A28522710B ft=1 fh=5b16e8ad0f5f569d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\SoftonicDownloader_fuer_audacity.exe"
sh=FC273CA1C93F962DD53A4A4BFD0C4BDDE0DAABC9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nikos\Downloads\sopcast(2).zip"
sh=2431047F3EAAA1F5A36B54B598FA5ED0FFD5B2FE ft=0 fh=0000000000000000 vn="LNK/Agent.CH Trojaner" ac=I fn="C:\Users\Nikos\Favorites\TV Online - Free Watch TV Online  Football LIVE.URL"
         

Alt 31.12.2015, 16:53   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



Softwarecracks sind hier nicht gewünscht. Deshalb wird der Support jetzt auch beendet. Wichtig aber, PC ist sonst sauber. Am besten ESET-Funde löschen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 31.12.2015, 18:12   #12
karaiskaki
 
Heitmann Metallhandel  Makros Virus - Standard

Danke



Hallo Jürgen , Danke noch mal für deine Zeit und deine Unterstützung. Ich habe eine kleine Spende dem Trojaner Board zukommen lassen. Ich habe ESET gelöscht. Ich werde den Durchlauf noch mal machen (5 Std.) und die alles in Quarantäne verschieben. Danke noch mal und guten Rutsch.

Alt 01.01.2016, 15:00   #13
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Heitmann Metallhandel  Makros Virus - Standard

Heitmann Metallhandel Makros Virus



Danke & OK
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Heitmann Metallhandel Makros Virus
antivirus, avira, computer, converter, downloader, ebay, excel, firefox, flash player, geld, help, helper, home, iexplore.exe, registry, scan, security, server, shark, software, sparbuch, usb, virus, windows, windows xp





Zum Thema Heitmann Metallhandel Makros Virus - Makro Virus Heitman Metallhandel Hallo, ich habe gestern eine Mail von Heitman Metallhandel bekommen mit einen Anhang als Rechnung in .doc die ich leider geöffnet habe. Wie sich rausgestellt hat - Heitmann Metallhandel Makros Virus...
Archiv
Du betrachtest: Heitmann Metallhandel Makros Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.