Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: watch4 virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.11.2015, 19:23   #1
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Hallo,
ich habe heute ein seltsames Verhalten meines PC's entdeckt, bei dem es einfach die Seite watch4 geöffnet hatte. Ich habs schonmal gegoogelt und es scheint echt ein Virus dahinter zu stecken. Deshalb wollte ich fragen, was ich dagegen tun kann?

MfG
John

Alt 27.11.2015, 19:38   #2
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 27.11.2015, 20:09   #3
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Hallo, danke für die schnelle Antwort, hier erstmal die FRST LOG:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015
durchgeführt von Ich (Administrator) auf MEINPC (27-11-2015 19:42:46)
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: UpdatusUser & Ich (Verfügbare Profile: UpdatusUser & Ich)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NGD Studios) C:\Games\NGD Studios\Regnum Online\LiveServer\ROClientGame.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Ich\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Google Update] => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-03]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-03-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B04F56E-A692-425A-A59D-4E154188ECB6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://acer13.msn.com
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3959979219-1793462969-950886862-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Kein Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\Ich\AppData\LocalLow\Internet Explorer BHO\bho.dll [2014-07-30] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default
FF DefaultSearchEngine: Ecosia
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Bing (Microsoft)
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxps://startpage.com/deu/make-startpage-your-homepage.html?&hmb=1
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2013-11-23] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-11-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\ecosia.xml [2015-10-16]
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\startpage---deutsch.xml [2015-09-26]
FF Extension: Battlefield Heroes Updater - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\extensions\battlefieldheroespatcher@ea.com [2014-05-13] [ist nicht signiert]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12] [ist nicht signiert]
FF Extension: ProxTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-04-15] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Ich\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL => Keine Datei
CHR Profile: C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-09-26]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (Battlefield Heroes) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-06-09]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-07]
CHR Extension: (Skype Click to Call) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Amazon) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-21]
CHR Extension: (Battlefield Play4Free) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ich\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-28] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-25] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-12] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-25] (Dritek System Inc.)
S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [Datei ist nicht signiert]
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [268288 2014-03-18] (Microsoft Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-27 19:42 - 2015-11-27 19:44 - 00032293 _____ C:\Users\Ich\Desktop\FRST.txt
2015-11-27 19:42 - 2015-11-27 19:42 - 00000000 ____D C:\FRST
2015-11-27 19:41 - 2015-11-27 19:41 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Ich\Desktop\tdsskiller.exe
2015-11-27 19:41 - 2015-11-27 19:41 - 02348544 _____ (Farbar) C:\Users\Ich\Desktop\FRST64.exe
2015-11-26 16:49 - 2015-11-26 16:49 - 00352398 _____ C:\Users\Ich\Downloads\S35C-115112610570.pdf
2015-11-25 22:32 - 2015-11-25 23:36 - 00000000 ____D C:\Users\Ich\Desktop\Javaprogrammierung
2015-11-24 22:19 - 2015-11-24 22:23 - 00000000 ____D C:\Users\Ich\Desktop\JavDoc
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\UpdatusUser\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\Ich\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
2015-11-20 23:37 - 2015-11-20 23:37 - 05152599 _____ C:\Users\Ich\Downloads\gmp.exe
2015-11-17 18:16 - 2015-11-17 18:16 - 00104217 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_05.pdf
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-16 00:14 - 2015-11-16 00:14 - 00009334 _____ C:\Users\Ich\Desktop\sakila_statements.sql
2015-11-12 19:12 - 2015-11-12 19:12 - 15897561 _____ C:\Users\Ich\Desktop\Unit_03.pdf
2015-11-11 08:50 - 2015-11-11 08:50 - 00000809 _____ C:\Users\Ich\Desktop\eclipse.exe - Verknüpfung.lnk
2015-11-11 08:42 - 2015-11-11 08:42 - 00000000 ____D C:\Users\Ich\Desktop\eclipse-jee-mars-1-win32-x86_64
2015-11-11 08:41 - 2015-11-11 08:42 - 288024166 _____ C:\Users\Ich\Downloads\eclipse-jee-mars-1-win32-x86_64.zip
2015-11-11 08:20 - 2015-11-11 08:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-11-11 08:19 - 2015-11-11 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-11 08:07 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 08:07 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 08:07 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 08:07 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 08:07 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 08:07 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 08:07 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 08:07 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 08:07 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 08:07 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 08:07 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 08:07 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 08:07 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 08:07 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 08:07 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 08:07 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 08:07 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 08:07 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 08:07 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 08:07 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 08:07 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 08:07 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 08:07 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 08:07 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 08:07 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 08:07 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 08:07 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 08:07 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 08:07 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 08:07 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 08:07 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 08:07 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 08:07 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 08:07 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 08:07 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 08:07 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 08:07 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 08:07 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 08:07 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 08:07 - 2014-10-29 02:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-11-11 08:07 - 2014-10-29 01:40 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2015-11-11 08:07 - 2014-10-29 01:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2015-11-11 08:06 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 08:06 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 08:06 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 08:06 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 08:06 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 08:06 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-11 01:05 - 2015-11-11 01:05 - 00000000 _____ C:\Users\Ich\where
2015-11-11 01:01 - 2015-11-11 01:01 - 00005689 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jdk-8u60-windows-x64.lnk
2015-11-09 21:04 - 2015-11-09 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-09 18:38 - 2015-11-09 18:38 - 01255099 _____ C:\Users\Ich\Desktop\M1-KIMESAINF-stud.pdf
2015-11-09 00:35 - 2015-11-09 00:35 - 00008164 _____ C:\Users\Ich\Desktop\1234.sql
2015-11-08 16:32 - 2015-07-28 02:09 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:09 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-11-07 19:43 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-11-07 19:43 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-11-07 19:40 - 2015-11-07 19:40 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-07 19:39 - 2015-11-07 19:39 - 02987408 _____ (Microsoft Corporation) C:\Users\Ich\Downloads\wdexpress_full.exe
2015-11-07 19:25 - 2015-11-07 19:25 - 05633578 _____ C:\Users\Ich\Downloads\guc2081(1).zip
2015-11-07 19:25 - 2015-11-07 19:25 - 00000000 ____D C:\Users\Ich\Desktop\guc2081(1)
2015-11-07 11:46 - 2015-11-07 11:46 - 00001764 _____ C:\Users\Ich\Desktop\GO_Launcher.exe - Verknüpfung.lnk
2015-11-07 01:38 - 2015-11-07 01:38 - 00000000 ____D C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32
2015-11-07 01:36 - 2015-11-07 01:36 - 00001259 _____ C:\Users\Ich\Desktop\Gothic 2 Online.lnk
2015-11-07 01:31 - 2015-11-07 01:31 - 02021388 _____ C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32.zip
2015-11-07 01:30 - 2015-11-07 01:30 - 11741448 _____ (GO Team ) C:\Users\Ich\Desktop\G2O_021015.exe
2015-11-06 17:00 - 2015-11-06 17:00 - 00003184 _____ C:\Users\Ich\Desktop\NUMMERN.abw
2015-11-04 14:57 - 2015-11-08 19:26 - 00000000 ____D C:\Users\Ich\Desktop\sakila-db
2015-11-04 14:57 - 2015-11-04 14:58 - 00000000 ____D C:\Users\Ich\Downloads\sakila-db
2015-11-04 14:57 - 2015-11-04 14:57 - 00741576 _____ C:\Users\Ich\Downloads\sakila-db.zip
2015-11-04 14:57 - 2015-11-04 14:57 - 00092038 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_04.pdf
2015-11-04 12:14 - 2015-11-04 12:14 - 00088968 _____ C:\Users\Ich\Downloads\uebungen_2.pdf
2015-11-02 17:55 - 2015-11-27 19:14 - 00000000 ___RD C:\Users\Ich\Dropbox
2015-11-02 17:55 - 2015-11-27 19:13 - 00001246 _____ C:\Users\Ich\Desktop\Dropbox.lnk
2015-11-02 17:52 - 2015-11-27 19:11 - 00001218 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 17:52 - 2015-11-27 18:57 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-02 17:52 - 2015-11-09 21:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00004194 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-11-02 17:52 - 2015-11-02 17:52 - 00003958 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\Users\Ich\AppData\Local\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-02 17:51 - 2015-11-02 17:51 - 00660960 _____ (Dropbox, Inc.) C:\Users\Ich\Downloads\DropboxInstaller.exe
2015-11-02 17:04 - 2015-11-02 17:23 - 00001195 _____ C:\Users\Ich\Desktop\sfmlAPI.txt
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 11:34 - 2015-11-01 11:34 - 10892026 _____ C:\Users\Ich\Downloads\SFML-2.1-windows-vc10-32bits.zip
2015-11-01 11:34 - 2015-11-01 11:34 - 00000000 ____D C:\Users\Ich\Desktop\SFML-2.1-windows-vc10-32bits
2015-11-01 10:11 - 2015-11-01 10:11 - 00034914 _____ C:\Users\Ich\Downloads\GOL.rar
2015-11-01 10:11 - 2015-11-01 10:11 - 00000000 ____D C:\Users\Ich\Downloads\GOL
2015-10-31 21:11 - 2015-10-31 21:11 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:11 - 00000000 ____D C:\Program Files (x86)\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:10 - 00001061 _____ C:\Users\Public\Desktop\Smokin' Guns.lnk
2015-10-31 21:10 - 2015-10-31 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smokin' Guns
2015-10-31 21:07 - 2015-10-31 21:09 - 409494295 _____ (Smokin' Guns Productions ) C:\Users\Ich\Downloads\Smokin_Guns_1.1.exe
2015-10-29 21:44 - 2015-10-29 21:44 - 00001246 _____ C:\Users\Ich\Desktop\statements.sql
2015-10-29 21:10 - 2015-10-29 21:10 - 00000000 _____ C:\Users\Ich\Desktop\main.txt
2015-10-29 20:22 - 2015-10-29 20:23 - 00076971 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_02.pdf
2015-10-29 18:46 - 2015-10-29 18:46 - 00010939 _____ C:\Users\Ich\Desktop\BHF.sql
2015-10-29 17:45 - 2015-10-29 17:45 - 00075252 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_03.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-27 19:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-27 19:23 - 2013-01-02 12:27 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job
2015-11-27 19:14 - 2014-08-22 12:11 - 00000000 __RDO C:\Users\Ich\OneDrive
2015-11-27 19:13 - 2014-05-12 17:34 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Dropbox
2015-11-27 19:13 - 2012-12-13 18:01 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Skype
2015-11-27 19:12 - 2015-09-09 17:12 - 00000091 _____ C:\HaxLogs.txt
2015-11-27 19:11 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-27 19:03 - 2013-11-23 15:42 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-27 16:42 - 2014-05-12 17:23 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-27 10:40 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-26 22:32 - 2013-10-11 15:21 - 00000000 ____D C:\Users\Ich\AppData\Roaming\vlc
2015-11-26 22:23 - 2015-09-10 08:36 - 00000000 ____D C:\Users\Ich\.p2
2015-11-26 22:22 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\AppData\Local\Eclipse
2015-11-26 21:55 - 2015-02-21 16:13 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{536408FC-A54F-4099-B525-5A19EAC9FC4E}
2015-11-26 15:18 - 2015-10-26 21:23 - 00000274 _____ C:\Users\Ich\Desktop\h.txt
2015-11-25 22:29 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\workspace
2015-11-25 19:42 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-24 22:44 - 2014-03-18 11:03 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 22:44 - 2014-03-18 10:25 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-24 22:44 - 2014-03-18 10:25 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-22 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-21 15:36 - 2014-08-22 14:11 - 00997888 ___SH C:\Users\Ich\Desktop\Thumbs.db
2015-11-21 12:11 - 2012-12-13 17:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3959979219-1793462969-950886862-1002
2015-11-21 11:03 - 2012-12-13 18:01 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 09:36 - 2015-09-19 14:22 - 00000000 ____D C:\Users\Ich\Desktop\Musik_Zum_Coden
2015-11-16 21:57 - 2013-03-09 21:57 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-15 23:46 - 2013-02-09 14:18 - 00000000 ____D C:\Users\Ich\AppData\Roaming\AbiSuite
2015-11-15 22:15 - 2015-09-17 15:38 - 00000000 ____D C:\Users\Ich\Desktop\GhanaS
2015-11-13 18:57 - 2013-08-21 17:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 18:51 - 2012-12-15 12:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 14:13 - 2013-08-22 15:44 - 00377592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-11 09:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-11 08:41 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 08:20 - 2015-08-20 07:57 - 00000000 ____D C:\Program Files\Java
2015-11-11 08:20 - 2013-10-31 08:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-11 08:09 - 2015-08-20 07:38 - 00000000 ____D C:\Users\Ich\.oracle_jre_usage
2015-11-11 01:05 - 2014-08-22 10:57 - 00000000 ____D C:\Users\Ich
2015-11-09 22:33 - 2014-10-30 14:15 - 00165888 ___SH C:\Users\Ich\Downloads\Thumbs.db
2015-11-09 22:32 - 2014-08-22 13:39 - 01906688 ___SH C:\Users\Ich\Documents\Thumbs.db
2015-11-08 13:35 - 2015-09-14 17:08 - 00000251 _____ C:\Users\Ich\Desktop\pawaws.txt
2015-11-07 19:45 - 2015-08-21 17:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-07 19:41 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-07 19:26 - 2015-10-03 20:06 - 00000000 ____D C:\Users\Ich\Documents\Visual Studio 2010
2015-11-07 01:41 - 2014-07-09 09:16 - 00000000 ____D C:\Program Files (x86)\Modifikationen
2015-11-06 16:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-03 01:23 - 2015-03-17 16:54 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-03-17 16:54 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 23:13 - 2015-10-27 14:18 - 00000000 ____D C:\Users\Ich\Documents\lcc
2015-10-31 23:13 - 2015-10-27 14:15 - 00000000 ____D C:\lcc
2015-10-29 21:48 - 2015-10-27 18:23 - 00019860 _____ C:\Users\Ich\Desktop\BHF.mwb
2015-10-29 20:25 - 2015-10-27 18:23 - 00019821 _____ C:\Users\Ich\Desktop\BHF.mwb.bak

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 07:37 - 2015-08-20 07:37 - 0003244 _____ () C:\Program Files (x86)\COPYRIGHT
2015-08-20 07:37 - 2015-08-20 07:37 - 0000040 _____ () C:\Program Files (x86)\LICENSE
2015-08-20 07:37 - 2015-08-20 07:37 - 0000046 _____ () C:\Program Files (x86)\README.txt
2015-08-20 07:38 - 2015-08-20 07:38 - 0000527 _____ () C:\Program Files (x86)\release
2015-08-20 07:37 - 2015-08-20 07:37 - 0110114 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME-JAVAFX.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0177094 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0000955 _____ () C:\Program Files (x86)\Welcome.html
2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\Ich\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Ich\AppData\Local\No23 Recorder.exe
2013-04-05 14:40 - 2014-02-23 18:18 - 0001467 _____ () C:\Users\Ich\AppData\Local\RecConfig.xml
2012-09-25 17:06 - 2012-09-25 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp28rtxm.dll
C:\Users\Ich\AppData\Local\Temp\VP6Install.exe
C:\Users\Ich\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-26 23:52

==================== Ende von FRST.txt ============================
         
Das hier ist Addition LOG:

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-11-2015
durchgeführt von Ich (2015-11-27 19:44:39)
Gestartet von C:\Users\Ich\Desktop
Windows 8.1 (X64) (2014-08-22 11:08:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3959979219-1793462969-950886862-500 - Administrator - Disabled)
Gast (S-1-5-21-3959979219-1793462969-950886862-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3959979219-1793462969-950886862-1004 - Limited - Enabled)
Ich (S-1-5-21-3959979219-1793462969-950886862-1002 - Administrator - Enabled) => C:\Users\Ich
UpdatusUser (S-1-5-21-3959979219-1793462969-950886862-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

0 A.D. (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\0 A.D.) (Version: r15148P-alpha - Wildfire Games)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{BFBC6337-B7B9-4AEE-BC19-CA910EED755D}) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.110 - Alps Electric)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Aus dem Leben eines Diebes (HKLM-x32\...\Aus dem Leben eines Diebes) (Version: 1.1 - Team K)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avatar - Legends of The Arena (HKLM-x32\...\{E02C0C32-1103-42E3-B2B3-1630675B778C}) (Version: 1.03.0008 - NickOnline)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Battlefield Heroes (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Play4Free (Ich) (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bauernleben (HKLM-x32\...\Bauernleben) (Version: 1.0 - Orcjäger)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Die Rückkehr (HKLM-x32\...\Die Rückkehr) (Version: 1.0 - Übersetzer-Team Lonewulf & Co)
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version: 6 - ) <==== ACHTUNG
Google Chrome (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version:  - )
Gothic 2 Gold (HKLM-x32\...\{40FE74B5-71A1-4393-A0AB-21D6E1DA5A66}) (Version: 1.0.0 - JoWood)
Gothic 2 Online - 0.1b dev 5 (HKLM-x32\...\Gothic 2 Online - 0.1b dev 5) (Version: 0.1b dev 5 - GO Team)
Gothic II - Modification Development Kit (HKLM-x32\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic Multiplayer (HKLM-x32\...\Gothic Multiplayer) (Version: 0.1.11.0 - Gothic Multiplayer Team)
GOTHIC2 ADDON - 'Odyssey — on behalf of the King' (HKLM-x32\...\GOTHIC2 ADDON - 'Odyssey — on behalf of the King') (Version: 1.3 - World of Gothic DE - Community © 2015)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version:  - Free Lunch Design)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
lcc-win32 version 3.2 (base system) (HKLM-x32\...\lcc-win32 (base system)_is1) (Version:  - Logiciels/Informatique, Jacob Navia)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legend of Ahssûn (HKLM-x32\...\Legend of Ahssûn) (Version: 1.0 - LoA-Team)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.226.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Moorhuhn Wanted XS (HKLM-x32\...\{3F0DD9B2-A9F2-4D67-B6A1-E4864CBF2E61}) (Version:  - )
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
MySQL Workbench 6.3 CE (HKLM\...\{40AFAA5A-72EE-45A7-B8D2-CC7E08C9370B}) (Version: 6.3.4 - Oracle Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Odyssee_Speech 1.0 (HKLM-x32\...\Odyssee_Speech) (Version: 1.0 - OdysseeModTeam)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenCity 0.0.6.2 stable (HKLM-x32\...\OpenCity 0.0.6.2 stable_is1) (Version: OpenCity 0.0.6.2 stable - Duong Khang NGUYEN)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Regnum Online 1.6.2 (HKLM-x32\...\Regnum Online) (Version: 1.6.2 - NGD Studios)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Smokin' Guns version 1.1 (HKLM-x32\...\{C0F2B168-5C5C-4B55-B76E-035813CC559E}_is1) (Version: 1.1 - Smokin' Guns Productions)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Stampfer 0.5.0.2 (HKLM-x32\...\Stampfer) (Version: 0.5.0.2 - Sumpfkrautjunkie)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.8 - fCoder Group, Inc.)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

07-11-2015 19:40:31 Microsoft Visual Studio Express 2015 für Windows Desktop - DEU
11-11-2015 01:02:56 Installed Java SE Development Kit 8 Update 60 (64-bit)
14-11-2015 14:12:47 Windows Update
17-11-2015 19:07:17 Windows Update
20-11-2015 20:45:10 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 06:26 - 2015-11-16 21:57 - 00000061 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08EB8921-4663-4DD2-8C4C-A4BA04543BDE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {14238981-97D8-48A3-A470-248B76FCC63A} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {224773CA-F2CC-4E38-9F31-3A7A6B3D61E1} - System32\Tasks\{26D3CCCF-FB28-42B4-89A5-452620F51B14} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {2A5FC1F1-0921-44C0-B14F-98AC6F4C6D66} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {300F13DF-70AE-4CEC-95B2-ABC1DDFB0496} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {34198156-68D7-4791-B722-EE7ECFE62B77} - System32\Tasks\{37606DBC-5BE6-484F-9173-6F62C9E08612} => pcalua.exe -a D:\Install.exe -d D:\
Task: {446DCAE7-347F-458F-83BC-0112B0E51013} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {50378902-5F20-4B11-B489-7084968D689E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {55C8B2C7-54CA-4684-AB39-C68FF8EC8D04} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {57EE0DA7-B5F8-4B19-8E61-D2BA98C89CC4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {5A711C3C-3F08-4E75-BC40-010D226DF220} - System32\Tasks\Amazon Music Helper => C:\Users\Ich\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {663C69D9-37B0-4ACA-82AB-5E6E7023FCAB} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {7106F56B-A9A9-4A4A-92FD-D98A9BD7C8AE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {769D7839-DBBD-4780-B6AB-35E7889522E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F3747FF-4F3F-43E1-8966-0F972453AD6C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {9FB2D80F-9B30-4E43-90EB-2B0254138EFD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-08-25] (AVAST Software)
Task: {B75AE49F-3F94-45E5-9D3B-D12B4A24E397} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {D2807B6A-0559-46B6-AC6D-645EEFA1D46B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {D2F6DCFD-8A44-45F5-8537-2399B536DCBC} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {D53B1135-166E-4811-B4BA-D404A574A094} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {D7275FA9-3B5F-432C-9645-0727E82CD148} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D72AC33D-F527-4D8B-B931-1368F9D03636} - System32\Tasks\{B3FE6AA6-379C-4AAD-B9EB-B83FDFA9FF8C} => pcalua.exe -a "C:\Program Files (x86)\Stampfer\Stampfer.exe" -d "C:\Program Files (x86)\Stampfer"
Task: {DE58430C-7C63-411E-904D-6F9D85FF2A5E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {F49CB3C1-1222-4D71-AC3A-C7122CE4093D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-23] (Adobe Systems Incorporated)
Task: {F891D15F-9900-4A20-BBB9-884E1134737A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FC3A0CB9-6EBB-45AB-9BC9-D30BE87CF807} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha\Open logs folder.lnk -> C:\Users\Ich\AppData\Local\0 A.D. alpha\OpenLogsFolder.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-01-23 15:46 - 2014-08-28 18:21 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-08-10 17:28 - 2012-08-10 17:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-22 23:04 - 2012-08-22 23:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 23:04 - 2012-08-22 23:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-11-27 16:42 - 2015-11-27 16:42 - 02812416 _____ () C:\Program Files\AVAST Software\Avast\defs\15112700\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-05-10 17:56 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-05-10 17:56 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-10 17:56 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-11-14 03:30 - 2015-11-14 03:30 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2014-05-12 17:21 - 2014-05-12 17:21 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-14 14:31 - 2014-08-29 23:12 - 00382976 _____ () C:\Games\NGD Studios\Regnum Online\LiveServer\OpenAL.dll
2012-09-25 17:10 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-07-31 15:02 - 2014-07-31 15:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Ich\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Ich\AppData\Roaming:NT

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3959979219-1793462969-950886862-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Floating Tools"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{217A4FF2-831B-485D-80A1-AD353E2E9AF2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{2E60A8CC-853B-4605-B23F-95D1FC456CD7}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{74983DAD-AD10-41EE-96F9-FFEA9D35784B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [TCP Query User{AA841A9B-D954-4793-8AB3-37154E86910B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [UDP Query User{77EA9650-3F65-4E2D-9FF0-5F8D231EF942}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [TCP Query User{48920CE1-4D84-4A85-88DE-23775DF8DA70}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [{9A4355B3-C21D-4D24-8E79-C5EB075F45C3}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{BC1F1CFD-D70C-4008-ADE6-4F23AB108F0A}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{4A8288D1-AE3C-40AE-BBF7-FD33C1F9CC75}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{CFE6DAAD-3DA4-4C65-9AC0-2713A67CC1C7}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{61E529E2-39C7-42F9-87F4-FD4ACE565287}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C825F568-EDEA-499B-BAF2-A3F0F3D6E020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ED3E2633-5EE8-46C1-A56D-C6162B5C85C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0944A773-922D-4C07-A564-AAA0E45440C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91B80A1A-503E-4222-99DA-083B853C50B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A301FD69-22FE-4388-80D4-1E99A962C2E3}] => (Allow) LPort=1900
FirewallRules: [{4497760E-5805-4311-B36B-B773377B2AAA}] => (Allow) LPort=2869
FirewallRules: [{D1E6D330-88D1-4A16-85B7-A1EECA09458C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1ADF29A0-8D11-419E-882F-0E12666DBF54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0187286E-65D9-43C7-A1B5-82DC942214F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA9B6E10-2E97-4B21-B628-1E89D8067CE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{65866DEF-264A-418E-A10A-25BA02DC9B3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{31244750-0EFC-4081-A2C7-9B7158AE29B3}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{61B57827-1B9C-4511-BB18-10DD2B2B5FB2}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{FCEBC343-3E78-42B5-AFE8-C12953F49519}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{DAA1509A-D454-4195-A66B-2C881CC64A5C}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{FBFA7237-007B-413F-BD56-F35C125CDE60}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A359FE8B-2B2F-45B1-9F64-0688CA45F9CA}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{4DA81EDE-CD04-4F1D-BADC-7257AE6D71B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4F4E93DE-8FEC-427A-855F-3CFB13512C9A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{03CF7716-962C-41F3-9C25-DC2935F5E7C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C30F28AF-396F-4154-8A1E-77B2FAE527E3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9718CAED-3B3C-4FA6-9F61-C5C7413E4932}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0BD2D6BC-5AEB-47E5-B27F-8DE4D4501887}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0FA7FADC-CC2B-4387-8857-20B7EE160120}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CD0C8C9D-D154-48DC-8074-C6E6B1DB824F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{E4A60ED4-19F3-4292-905A-E26AC33F983E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{BBD1A6A2-43E1-4F10-9F8F-930673F2024E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A9051570-0B3C-4D2B-8572-A3CC55B202E4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7A4494AE-F92A-4CD0-9690-B52330F39142}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{2CD3B7DF-15B6-46A9-A3C6-E99F5C49000D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{AA864CF5-25C5-4094-A2E4-19F0596D3F00}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4578D12F-925A-4A61-AAF6-E6CC7C5774B0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C26E9432-6C9E-46B0-9751-AFB7982CC52A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{882F4811-DF5A-45C0-B2ED-6C95BF90F203}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{188237BE-78DB-4D72-94AC-2B082EFE447A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{262C27E2-B2E9-4B73-90CF-AF14B428EBFE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C2F61F32-2F48-49A3-A368-479F2A3E1B77}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C44F4001-5117-4E3F-972D-06FD998E2275}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{554A9B34-A045-4F77-8BBF-31B886DF4369}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{22CD2F9A-7FF3-4EDC-9339-DCDB0B172F41}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{93BD9022-6E92-464D-8012-EE641AC38482}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BDFB01D8-2445-404F-AF9B-A89C22180E3B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E946CC2B-277D-4840-9AE4-193BFB5378E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9EC5F6FD-94DA-48C6-80EF-F3CFB57BAC21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{882CD626-BE74-450B-8DB8-ABCB175ECC6B}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{1141E08A-B283-48DD-94E7-9101F7B349E3}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [TCP Query User{E8B49ED1-B073-431D-B0B5-127D62774812}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{6321E5F2-BAC4-4A53-9885-5190A44A4D64}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{4DC18B49-EE78-4408-9FAA-CBD605A729F4}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{AA7A3386-4973-4DC7-A546-260416C2D522}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{4ABEE83A-C9E8-4522-BC49-326DC178AFBC}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{5952A740-2F1D-4B5A-9AD5-8F21283750C0}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{BF036C93-96C2-4EF5-AC71-A0626B302854}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{D267E2F9-6BD5-4F21-B6B7-1EB525861E08}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{C120493B-FC9A-4807-A24A-05DBB28B8D5B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{04170A94-9352-4608-B292-FB1C70EC6F35}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A1455A5F-20C2-4076-ACD8-18CEBD4DE245}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{293918FA-85A1-4940-B2BF-102891A928AB}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{B39A3E76-2E11-4304-AAEE-F98C24DC3492}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [UDP Query User{8285040D-0205-4D32-B7EA-F3E327A14404}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [TCP Query User{BDC047C4-A655-4715-846A-3D13E484E818}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [UDP Query User{CB18137B-F009-4B02-A2B2-FFDBE1041F68}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [TCP Query User{CA797B9D-E490-4407-AA83-1F4A361272F3}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [UDP Query User{E48B6664-D55D-4E27-9C1A-2DF1781ED398}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [TCP Query User{592AAFB5-D09A-4903-A329-5FB8B9976FEE}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [UDP Query User{7854E905-15F5-4B51-ACE6-8F238E3EE535}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [{EC2A25FF-87E3-4372-A5BD-5111B1A8E69C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/25/2015 10:03:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (11/12/2015 03:59:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ROClientGame.exe, Version: 1.10.1.39397, Zeitstempel: 0x55f99214
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5904
ID des fehlerhaften Prozesses: 0x48c
Startzeit der fehlerhaften Anwendung: 0xROClientGame.exe0
Pfad der fehlerhaften Anwendung: ROClientGame.exe1
Pfad des fehlerhaften Moduls: ROClientGame.exe2
Berichtskennung: ROClientGame.exe3
Vollständiger Name des fehlerhaften Pakets: ROClientGame.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ROClientGame.exe5

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2015 03:59:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3375

Error: (11/10/2015 03:59:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3375

Error: (11/10/2015 03:59:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2015 03:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2265

Error: (11/10/2015 03:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2265


Systemfehler:
=============
Error: (11/27/2015 07:14:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 07:12:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 07:12:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 07:12:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 07:12:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 07:11:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 05:23:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 05:03:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/27/2015 05:03:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/27/2015 05:02:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


CodeIntegrity:
===================================
  Date: 2014-05-13 16:08:49.254
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 8010.27 MB
Verfügbarer physikalischer RAM: 3940.52 MB
Summe virtueller Speicher: 9290.27 MB
Verfügbarer virtueller Speicher: 5299.88 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:547.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D06C910E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---
__________________

Alt 27.11.2015, 20:10   #4
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Das hier ist die erste Hälfte des TDSS-KillerLogs:

Code:
ATTFilter
19:55:24.0689 0x0cd4  TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
19:55:24.0689 0x0cd4  UEFI system
19:55:29.0360 0x0cd4  ============================================================
19:55:29.0360 0x0cd4  Current date / time: 2015/11/27 19:55:29.0360
19:55:29.0360 0x0cd4  SystemInfo:
19:55:29.0360 0x0cd4  
19:55:29.0360 0x0cd4  OS Version: 6.3.9600 ServicePack: 0.0
19:55:29.0360 0x0cd4  Product type: Workstation
19:55:29.0360 0x0cd4  ComputerName: MEINPC
19:55:29.0360 0x0cd4  UserName: Ich
19:55:29.0360 0x0cd4  Windows directory: C:\WINDOWS
19:55:29.0360 0x0cd4  System windows directory: C:\WINDOWS
19:55:29.0360 0x0cd4  Running under WOW64
19:55:29.0361 0x0cd4  Processor architecture: Intel x64
19:55:29.0361 0x0cd4  Number of processors: 4
19:55:29.0361 0x0cd4  Page size: 0x1000
19:55:29.0361 0x0cd4  Boot type: Normal boot
19:55:29.0361 0x0cd4  ============================================================
19:55:29.0965 0x0cd4  KLMD registered as C:\WINDOWS\system32\drivers\72038318.sys
19:55:30.0341 0x0cd4  System UUID: {0A25A72D-E6AA-78A0-0C51-181A6ADB44C7}
19:55:30.0901 0x0cd4  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:30.0904 0x0cd4  ============================================================
19:55:30.0904 0x0cd4  \Device\Harddisk0\DR0:
19:55:30.0904 0x0cd4  GPT partitions:
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8E702A32-CCF6-4E0A-8D1D-258899F72443}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {58EF1222-C11E-4720-94D6-F4EDB994F0A0}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9ACE1C7E-8601-46C0-BCD5-37346DD84BF2}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D6A36AA3-D983-41E7-BF4D-57E370198238}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x550C6000
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2B2F7D50-8C53-421F-BA85-31A6F62AE46F}, Name: , StartLBA 0x55264800, BlocksNum 0xE1000
19:55:30.0905 0x0cd4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {91388305-FAE1-4328-89D4-8400408D679D}, Name: Basic data partition, StartLBA 0x55345800, BlocksNum 0x2200800
19:55:30.0905 0x0cd4  MBR partitions:
19:55:30.0905 0x0cd4  ============================================================
19:55:30.0934 0x0cd4  C: <-> \Device\Harddisk0\DR0\Partition4
19:55:30.0934 0x0cd4  ============================================================
19:55:30.0934 0x0cd4  Initialize success
19:55:30.0934 0x0cd4  ============================================================
19:56:12.0580 0x1634  ============================================================
19:56:12.0580 0x1634  Scan started
19:56:12.0580 0x1634  Mode: Manual; SigCheck; TDLFS; 
19:56:12.0580 0x1634  ============================================================
19:56:12.0580 0x1634  KSN ping started
19:56:14.0923 0x1634  KSN ping finished: true
19:56:20.0439 0x1634  ================ Scan system memory ========================
19:56:20.0439 0x1634  System memory - ok
19:56:20.0440 0x1634  ================ Scan services =============================
19:56:20.0696 0x1634  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:56:20.0749 0x1634  1394ohci - ok
19:56:20.0767 0x1634  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:56:20.0781 0x1634  3ware - ok
19:56:20.0810 0x1634  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:56:20.0835 0x1634  ACPI - ok
19:56:20.0856 0x1634  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:56:20.0870 0x1634  acpiex - ok
19:56:20.0899 0x1634  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:56:20.0913 0x1634  acpipagr - ok
19:56:20.0963 0x1634  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:56:20.0977 0x1634  AcpiPmi - ok
19:56:20.0994 0x1634  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:56:21.0009 0x1634  acpitime - ok
19:56:21.0068 0x1634  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:21.0078 0x1634  AdobeARMservice - ok
19:56:21.0339 0x1634  [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:21.0354 0x1634  AdobeFlashPlayerUpdateSvc - ok
19:56:21.0403 0x1634  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:56:21.0436 0x1634  ADP80XX - ok
19:56:21.0472 0x1634  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
19:56:21.0491 0x1634  AeLookupSvc - ok
19:56:21.0570 0x1634  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:56:21.0600 0x1634  AFD - ok
19:56:21.0636 0x1634  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:56:21.0649 0x1634  agp440 - ok
19:56:21.0687 0x1634  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:56:21.0704 0x1634  ahcache - ok
19:56:21.0744 0x1634  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
19:56:21.0765 0x1634  ALG - ok
19:56:21.0795 0x1634  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:56:21.0812 0x1634  AmdK8 - ok
19:56:21.0843 0x1634  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:56:21.0861 0x1634  AmdPPM - ok
19:56:21.0882 0x1634  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:56:21.0893 0x1634  amdsata - ok
19:56:21.0923 0x1634  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:56:21.0942 0x1634  amdsbs - ok
19:56:21.0967 0x1634  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:56:21.0978 0x1634  amdxata - ok
19:56:22.0026 0x1634  [ 690E9CFCB6EA1E21BE32D88420B44943, F6DDDAA243943EB65F2BE56FD03C5D15705CED599B03E531B8050CC035B55587 ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
19:56:22.0050 0x1634  ApfiltrService - ok
19:56:22.0081 0x1634  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:56:22.0095 0x1634  AppID - ok
19:56:22.0128 0x1634  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:56:22.0143 0x1634  AppIDSvc - ok
19:56:22.0177 0x1634  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:56:22.0193 0x1634  Appinfo - ok
19:56:22.0299 0x1634  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:22.0307 0x1634  Apple Mobile Device - ok
19:56:22.0347 0x1634  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:56:22.0374 0x1634  AppReadiness - ok
19:56:22.0510 0x1634  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:56:22.0557 0x1634  AppXSvc - ok
19:56:22.0589 0x1634  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:56:22.0603 0x1634  arcsas - ok
19:56:22.0624 0x1634  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
19:56:22.0635 0x1634  aswHwid - ok
19:56:22.0643 0x1634  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
19:56:22.0655 0x1634  aswMonFlt - ok
19:56:22.0685 0x1634  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
19:56:22.0695 0x1634  aswRdr - ok
19:56:22.0726 0x1634  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
19:56:22.0771 0x1634  aswRvrt - ok
19:56:22.0849 0x1634  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
19:56:22.0883 0x1634  aswSnx - ok
19:56:22.0902 0x1634  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
19:56:22.0921 0x1634  aswSP - ok
19:56:22.0938 0x1634  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
19:56:22.0948 0x1634  aswStm - ok
19:56:22.0967 0x1634  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
19:56:22.0980 0x1634  aswVmm - ok
19:56:23.0014 0x1634  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:56:23.0027 0x1634  atapi - ok
19:56:23.0066 0x1634  [ 4885C14A6AB6969B5773A42DA0BA3DA4, E317E1E299543FBD9853C71E1CF8019343B6234B9AAF56ABF48C41BB7743490B ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
19:56:23.0075 0x1634  AthBTPort - ok
19:56:23.0131 0x1634  [ 7CA5397A47843B0BD36898F32F2D403B, 40BACD955FDF2E469AA20910203CEB97B7C7D94C04E15723D99ED2C577AD14CF ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:56:23.0144 0x1634  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:56:25.0515 0x1634  Detect skipped due to KSN trusted
19:56:25.0515 0x1634  AtherosSvc - ok
19:56:25.0679 0x1634  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
19:56:25.0782 0x1634  athr - ok
19:56:25.0818 0x1634  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:56:25.0839 0x1634  AudioEndpointBuilder - ok
19:56:25.0874 0x1634  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:56:25.0908 0x1634  Audiosrv - ok
19:56:25.0975 0x1634  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:56:25.0987 0x1634  avast! Antivirus - ok
19:56:26.0010 0x1634  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:56:26.0027 0x1634  AxInstSV - ok
19:56:26.0069 0x1634  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:56:26.0098 0x1634  b06bdrv - ok
19:56:26.0133 0x1634  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:56:26.0148 0x1634  BasicDisplay - ok
19:56:26.0155 0x1634  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:56:26.0169 0x1634  BasicRender - ok
19:56:26.0181 0x1634  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:56:26.0189 0x1634  bcmfn2 - ok
19:56:26.0232 0x1634  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:56:26.0256 0x1634  BDESVC - ok
19:56:26.0286 0x1634  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:56:26.0301 0x1634  Beep - ok
19:56:26.0357 0x1634  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
19:56:26.0390 0x1634  BFE - ok
19:56:26.0444 0x1634  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
19:56:26.0487 0x1634  BITS - ok
19:56:26.0540 0x1634  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:26.0558 0x1634  Bonjour Service - ok
19:56:26.0586 0x1634  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:56:26.0601 0x1634  bowser - ok
19:56:26.0652 0x1634  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:56:26.0670 0x1634  BrokerInfrastructure - ok
19:56:26.0703 0x1634  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
19:56:26.0723 0x1634  Browser - ok
19:56:26.0764 0x1634  [ 942F3F6286056D6BBB5B02ED2B7088BD, 9F187C480BD40815ECFFC208BD1B00ACDFAD16899B4C8BE79C803FE48E322EA0 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
19:56:26.0779 0x1634  BTATH_A2DP - ok
19:56:26.0814 0x1634  [ 43C965027229D9FF6E52E4C71C03B09E, AF0E39EAD8B17A65F885272BEF12BF91578289C183FB39BB803183BE0E5547D1 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
19:56:26.0826 0x1634  btath_avdt - ok
19:56:26.0855 0x1634  [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
19:56:26.0862 0x1634  BTATH_BUS - ok
19:56:26.0885 0x1634  [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
19:56:26.0897 0x1634  BTATH_HCRP - ok
19:56:26.0916 0x1634  [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
19:56:26.0925 0x1634  BTATH_LWFLT - ok
19:56:26.0938 0x1634  [ EC7BB341229E9E6B04349580F55218B2, 4227CE6787DD1432EB054B1EE85C399188A61B23E2E8B0B615DA101C4AABD6C0 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
19:56:26.0950 0x1634  BTATH_RCP - ok
19:56:26.0998 0x1634  [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C, 7E4B410E1BC0BBC3B7CECF4B7396070E3FFB99D73CF185CBF38E65A79DDBB780 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
19:56:27.0029 0x1634  BtFilter - ok
19:56:27.0063 0x1634  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:56:27.0079 0x1634  BthAvrcpTg - ok
19:56:27.0122 0x1634  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
19:56:27.0136 0x1634  BthEnum - ok
19:56:27.0153 0x1634  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:56:27.0167 0x1634  BthHFEnum - ok
19:56:27.0172 0x1634  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:56:27.0187 0x1634  bthhfhid - ok
19:56:27.0213 0x1634  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:56:27.0235 0x1634  BthHFSrv - ok
19:56:27.0271 0x1634  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
19:56:27.0287 0x1634  BthLEEnum - ok
19:56:27.0299 0x1634  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:56:27.0314 0x1634  BTHMODEM - ok
19:56:27.0335 0x1634  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
19:56:27.0354 0x1634  BthPan - ok
19:56:27.0417 0x1634  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
19:56:27.0461 0x1634  BTHPORT - ok
19:56:27.0488 0x1634  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:56:27.0508 0x1634  bthserv - ok
19:56:27.0546 0x1634  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
19:56:27.0563 0x1634  BTHUSB - ok
19:56:27.0682 0x1634  [ 68BD23A0AD9E934F037A1D8A1929D1E2, 7104B04435930D085D01779065C8F293A265800D90C9DEFB19C998D9326E44E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
19:56:27.0729 0x1634  c2cautoupdatesvc - ok
19:56:27.0822 0x1634  [ 13297729C696656F990A5DBA53023129, EB2B34B04B79756199DBBBDE99ACBB576D20C7C0AF3E4F3C0CF0040948216AAC ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
19:56:27.0874 0x1634  c2cpnrsvc - ok
19:56:27.0978 0x1634  [ CFA963D67CF8791B2145ED9E2B89ED95, 8A325E8257C3D948C4571B4386282C0A7102235C1202BED1654AE037BEAD0B49 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
19:56:28.0041 0x1634  CCDMonitorService - ok
19:56:28.0056 0x1634  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:56:28.0073 0x1634  cdfs - ok
19:56:28.0087 0x1634  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:56:28.0104 0x1634  cdrom - ok
19:56:28.0145 0x1634  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:56:28.0168 0x1634  CertPropSvc - ok
19:56:28.0190 0x1634  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:56:28.0204 0x1634  circlass - ok
19:56:28.0245 0x1634  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:56:28.0267 0x1634  CLFS - ok
19:56:28.0307 0x1634  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:56:28.0320 0x1634  CmBatt - ok
19:56:28.0367 0x1634  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:56:28.0402 0x1634  CNG - ok
19:56:28.0424 0x1634  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
19:56:28.0437 0x1634  CompositeBus - ok
19:56:28.0440 0x1634  COMSysApp - ok
19:56:28.0454 0x1634  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:56:28.0469 0x1634  condrv - ok
19:56:28.0562 0x1634  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:56:28.0580 0x1634  cphs - ok
19:56:28.0611 0x1634  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:56:28.0629 0x1634  CryptSvc - ok
19:56:28.0642 0x1634  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:56:28.0655 0x1634  dam - ok
19:56:28.0695 0x1634  dbupdate - ok
19:56:28.0698 0x1634  dbupdatem - ok
19:56:28.0760 0x1634  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:56:28.0797 0x1634  DcomLaunch - ok
19:56:28.0839 0x1634  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:56:28.0862 0x1634  defragsvc - ok
19:56:28.0911 0x1634  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:56:28.0935 0x1634  DeviceAssociationService - ok
19:56:29.0016 0x1634  [ 91E80E3783883DA59A065E16AC031C3B, 4889980BE707C3C595F241411BD3E670517A50A33AECECEC471636969AFBA20E ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
19:56:29.0033 0x1634  DeviceFastLaneService - ok
19:56:29.0067 0x1634  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:56:29.0090 0x1634  DeviceInstall - ok
19:56:29.0121 0x1634  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:56:29.0141 0x1634  Dfsc - ok
19:56:29.0164 0x1634  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:56:29.0176 0x1634  dg_ssudbus - ok
19:56:29.0219 0x1634  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:56:29.0246 0x1634  Dhcp - ok
19:56:29.0321 0x1634  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:56:29.0373 0x1634  DiagTrack - ok
19:56:29.0427 0x1634  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:56:29.0442 0x1634  disk - ok
19:56:29.0479 0x1634  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:56:29.0492 0x1634  dmvsc - ok
19:56:29.0538 0x1634  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:56:29.0559 0x1634  Dnscache - ok
19:56:29.0606 0x1634  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:56:29.0627 0x1634  dot3svc - ok
19:56:29.0665 0x1634  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
19:56:29.0687 0x1634  DPS - ok
19:56:29.0699 0x1634  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:56:29.0710 0x1634  drmkaud - ok
19:56:29.0767 0x1634  [ 4E2C9C48316B2156B45B58687C7435AC, EDB2C48E10F4E6A2E1F9FDC1C62E5E59C50BA4F7D37CD0BDB11F4F888D5720B3 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:56:29.0782 0x1634  DsiWMIService - ok
19:56:29.0826 0x1634  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:56:29.0850 0x1634  DsmSvc - ok
19:56:29.0920 0x1634  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:56:29.0975 0x1634  DXGKrnl - ok
19:56:30.0008 0x1634  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:56:30.0026 0x1634  Eaphost - ok
19:56:30.0173 0x1634  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:56:30.0295 0x1634  ebdrv - ok
19:56:30.0333 0x1634  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
19:56:30.0351 0x1634  EFS - ok
19:56:30.0414 0x1634  [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:56:30.0429 0x1634  EgisTec Ticket Service - ok
19:56:30.0460 0x1634  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:56:30.0475 0x1634  EhStorClass - ok
19:56:30.0497 0x1634  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:56:30.0515 0x1634  EhStorTcgDrv - ok
19:56:30.0573 0x1634  [ 3D897AAAAC4BC8D6F069DA3BB65D136D, 65FAD19C638AE65FB29587EF980FB6EF12B528274469403281A5DCDD1E46C1DB ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
19:56:30.0602 0x1634  ePowerSvc - ok
19:56:30.0616 0x1634  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:56:30.0633 0x1634  ErrDev - ok
19:56:30.0686 0x1634  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
19:56:30.0718 0x1634  EventSystem - ok
19:56:30.0766 0x1634  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:56:30.0791 0x1634  exfat - ok
19:56:30.0863 0x1634  FairplayKD - ok
19:56:30.0882 0x1634  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:56:30.0901 0x1634  fastfat - ok
19:56:30.0952 0x1634  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:56:30.0984 0x1634  Fax - ok
19:56:31.0000 0x1634  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:56:31.0013 0x1634  fdc - ok
19:56:31.0040 0x1634  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:56:31.0059 0x1634  fdPHost - ok
19:56:31.0081 0x1634  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:56:31.0103 0x1634  FDResPub - ok
19:56:31.0129 0x1634  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:56:31.0145 0x1634  fhsvc - ok
19:56:31.0160 0x1634  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:56:31.0173 0x1634  FileInfo - ok
19:56:31.0189 0x1634  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:56:31.0209 0x1634  Filetrace - ok
19:56:31.0286 0x1634  [ DFADECE1B66095F3F247ACC0EBDC5F8D, 65D8CCCE382554A4DD197AFC323D591B3D0B1C4BF13134ED6A09C9CB843E061F ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:56:31.0319 0x1634  FLEXnet Licensing Service - ok
19:56:31.0331 0x1634  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:56:31.0344 0x1634  flpydisk - ok
19:56:31.0384 0x1634  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:56:31.0407 0x1634  FltMgr - ok
19:56:31.0478 0x1634  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:56:31.0523 0x1634  FontCache - ok
19:56:31.0629 0x1634  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:31.0638 0x1634  FontCache3.0.0.0 - ok
19:56:31.0665 0x1634  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:56:31.0676 0x1634  FsDepends - ok
19:56:31.0690 0x1634  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:56:31.0702 0x1634  Fs_Rec - ok
19:56:31.0745 0x1634  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:56:31.0774 0x1634  fvevol - ok
19:56:31.0793 0x1634  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
19:56:31.0807 0x1634  FxPPM - ok
19:56:31.0822 0x1634  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:56:31.0837 0x1634  gagp30kx - ok
19:56:31.0888 0x1634  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:56:31.0900 0x1634  GamesAppService - ok
19:56:31.0938 0x1634  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:56:31.0945 0x1634  GEARAspiWDM - ok
19:56:31.0982 0x1634  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:56:31.0995 0x1634  gencounter - ok
19:56:32.0028 0x1634  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:56:32.0041 0x1634  GPIOClx0101 - ok
19:56:32.0124 0x1634  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:56:32.0169 0x1634  gpsvc - ok
19:56:32.0208 0x1634  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:56:32.0221 0x1634  HDAudBus - ok
19:56:32.0256 0x1634  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:56:32.0270 0x1634  HidBatt - ok
19:56:32.0304 0x1634  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:56:32.0323 0x1634  HidBth - ok
19:56:32.0334 0x1634  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:56:32.0351 0x1634  hidi2c - ok
19:56:32.0383 0x1634  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:56:32.0399 0x1634  HidIr - ok
19:56:32.0434 0x1634  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:56:32.0451 0x1634  hidserv - ok
19:56:32.0487 0x1634  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:56:32.0501 0x1634  HidUsb - ok
19:56:32.0551 0x1634  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
19:56:32.0571 0x1634  hkmsvc - ok
19:56:32.0589 0x1634  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:56:32.0610 0x1634  HomeGroupListener - ok
19:56:32.0648 0x1634  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:56:32.0674 0x1634  HomeGroupProvider - ok
19:56:32.0705 0x1634  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:56:32.0718 0x1634  HpSAMD - ok
19:56:32.0806 0x1634  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:56:32.0846 0x1634  HTTP - ok
19:56:32.0875 0x1634  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:56:32.0889 0x1634  hwpolicy - ok
19:56:32.0935 0x1634  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:56:32.0950 0x1634  hyperkbd - ok
19:56:32.0994 0x1634  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:56:33.0006 0x1634  HyperVideo - ok
19:56:33.0053 0x1634  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:56:33.0069 0x1634  i8042prt - ok
19:56:33.0080 0x1634  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:56:33.0089 0x1634  iaLPSSi_GPIO - ok
19:56:33.0102 0x1634  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:56:33.0113 0x1634  iaLPSSi_I2C - ok
19:56:33.0166 0x1634  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:56:33.0190 0x1634  iaStorA - ok
19:56:33.0230 0x1634  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:56:33.0255 0x1634  iaStorAV - ok
19:56:33.0293 0x1634  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:56:33.0316 0x1634  iaStorV - ok
19:56:33.0411 0x1634  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:56:33.0475 0x1634  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
19:56:35.0829 0x1634  Detect skipped due to KSN trusted
19:56:35.0830 0x1634  IconMan_R - ok
19:56:35.0836 0x1634  IEEtwCollectorService - ok
19:56:36.0006 0x1634  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:56:36.0111 0x1634  igfx - ok
19:56:36.0142 0x1634  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:56:36.0158 0x1634  igfxCUIService1.0.0.0 - ok
19:56:36.0219 0x1634  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:56:36.0260 0x1634  IKEEXT - ok
19:56:36.0292 0x1634  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:56:36.0301 0x1634  intaud_WaveExtensible - ok
19:56:36.0470 0x1634  [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:56:36.0582 0x1634  IntcAzAudAddService - ok
19:56:36.0629 0x1634  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:56:36.0653 0x1634  IntcDAud - ok
19:56:36.0697 0x1634  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:56:36.0722 0x1634  Intel(R) Capability Licensing Service Interface - ok
19:56:36.0756 0x1634  [ C02FD35184CEA3A65DEE7DE278699BBC, D525FAD9C14587E90FD40922BC9FAC713A3CBC58A630CAA726DC6EEFCC6D0232 ] IntelHaxm       C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys
19:56:36.0784 0x1634  IntelHaxm - ok
19:56:36.0793 0x1634  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:56:36.0804 0x1634  intelide - ok
19:56:36.0832 0x1634  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:56:36.0846 0x1634  intelpep - ok
19:56:36.0872 0x1634  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:56:36.0885 0x1634  intelppm - ok
19:56:36.0904 0x1634  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:56:36.0920 0x1634  IpFilterDriver - ok
19:56:36.0960 0x1634  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:56:36.0998 0x1634  iphlpsvc - ok
19:56:37.0049 0x1634  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:56:37.0067 0x1634  IPMIDRV - ok
19:56:37.0081 0x1634  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:56:37.0100 0x1634  IPNAT - ok
19:56:37.0149 0x1634  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:56:37.0175 0x1634  iPod Service - ok
19:56:37.0206 0x1634  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:56:37.0221 0x1634  IRENUM - ok
19:56:37.0238 0x1634  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:56:37.0251 0x1634  isapnp - ok
19:56:37.0288 0x1634  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:56:37.0305 0x1634  iScsiPrt - ok
19:56:37.0330 0x1634  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
19:56:37.0338 0x1634  iwdbus - ok
19:56:37.0406 0x1634  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:56:37.0415 0x1634  jhi_service - ok
19:56:37.0436 0x1634  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:56:37.0447 0x1634  kbdclass - ok
19:56:37.0457 0x1634  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:56:37.0471 0x1634  kbdhid - ok
19:56:37.0502 0x1634  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
19:56:37.0515 0x1634  kdnic - ok
19:56:37.0540 0x1634  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:56:37.0554 0x1634  KeyIso - ok
19:56:37.0580 0x1634  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:56:37.0593 0x1634  KSecDD - ok
19:56:37.0645 0x1634  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:56:37.0659 0x1634  KSecPkg - ok
19:56:37.0673 0x1634  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:56:37.0689 0x1634  ksthunk - ok
19:56:37.0731 0x1634  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:56:37.0754 0x1634  KtmRm - ok
19:56:37.0787 0x1634  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
19:56:37.0799 0x1634  L1C - ok
19:56:37.0834 0x1634  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:56:37.0861 0x1634  LanmanServer - ok
19:56:37.0907 0x1634  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:56:37.0931 0x1634  LanmanWorkstation - ok
19:56:37.0969 0x1634  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
19:56:37.0995 0x1634  lfsvc - ok
19:56:38.0007 0x1634  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
19:56:38.0023 0x1634  lltdio - ok
19:56:38.0065 0x1634  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:56:38.0089 0x1634  lltdsvc - ok
19:56:38.0128 0x1634  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:56:38.0146 0x1634  lmhosts - ok
19:56:38.0178 0x1634  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:56:38.0190 0x1634  LMS - ok
19:56:38.0225 0x1634  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:56:38.0239 0x1634  LSI_SAS - ok
19:56:38.0254 0x1634  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
19:56:38.0268 0x1634  LSI_SAS2 - ok
19:56:38.0285 0x1634  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
19:56:38.0298 0x1634  LSI_SAS3 - ok
19:56:38.0307 0x1634  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:56:38.0319 0x1634  LSI_SSS - ok
19:56:38.0469 0x1634  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
19:56:38.0503 0x1634  LSM - ok
19:56:38.0533 0x1634  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:56:38.0549 0x1634  luafv - ok
19:56:38.0593 0x1634  [ E1C4AE452E1F6C6571CE5F8A6937EAF4, CB3C89BD5C6C0197A033C8A6B834FD3326728BA5D7364E64AE2E8F42AAD91D23 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe
19:56:38.0608 0x1634  McComponentHostService - ok
19:56:38.0635 0x1634  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:56:38.0648 0x1634  megasas - ok
19:56:38.0676 0x1634  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:56:38.0707 0x1634  megasr - ok
19:56:38.0731 0x1634  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:56:38.0742 0x1634  MEIx64 - ok
19:56:38.0774 0x1634  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
19:56:38.0793 0x1634  MMCSS - ok
19:56:38.0806 0x1634  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:56:38.0824 0x1634  Modem - ok
19:56:38.0856 0x1634  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:56:38.0871 0x1634  monitor - ok
19:56:38.0885 0x1634  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:56:38.0897 0x1634  mouclass - ok
19:56:38.0927 0x1634  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:56:38.0942 0x1634  mouhid - ok
19:56:38.0978 0x1634  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:56:38.0992 0x1634  mountmgr - ok
19:56:39.0022 0x1634  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:39.0033 0x1634  MozillaMaintenance - ok
19:56:39.0065 0x1634  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:56:39.0083 0x1634  mpsdrv - ok
19:56:39.0128 0x1634  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:56:39.0166 0x1634  MpsSvc - ok
19:56:39.0189 0x1634  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:56:39.0205 0x1634  MRxDAV - ok
19:56:39.0224 0x1634  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:56:39.0246 0x1634  mrxsmb - ok
19:56:39.0272 0x1634  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:56:39.0293 0x1634  mrxsmb10 - ok
19:56:39.0323 0x1634  [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:56:39.0341 0x1634  mrxsmb20 - ok
19:56:39.0374 0x1634  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
19:56:39.0392 0x1634  MsBridge - ok
19:56:39.0421 0x1634  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:56:39.0440 0x1634  MSDTC - ok
19:56:39.0457 0x1634  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:56:39.0483 0x1634  Msfs - ok
19:56:39.0505 0x1634  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:56:39.0516 0x1634  msgpiowin32 - ok
19:56:39.0532 0x1634  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:56:39.0546 0x1634  mshidkmdf - ok
19:56:39.0564 0x1634  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:56:39.0577 0x1634  mshidumdf - ok
19:56:39.0603 0x1634  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:56:39.0613 0x1634  msisadrv - ok
19:56:39.0649 0x1634  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:56:39.0667 0x1634  MSiSCSI - ok
19:56:39.0671 0x1634  msiserver - ok
19:56:39.0683 0x1634  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:56:39.0696 0x1634  MSKSSRV - ok
19:56:39.0706 0x1634  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
19:56:39.0723 0x1634  MsLldp - ok
19:56:39.0741 0x1634  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:56:39.0753 0x1634  MSPCLOCK - ok
19:56:39.0765 0x1634  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:56:39.0778 0x1634  MSPQM - ok
19:56:39.0799 0x1634  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:56:39.0821 0x1634  MsRPC - ok
19:56:39.0831 0x1634  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:56:39.0845 0x1634  mssmbios - ok
19:56:39.0918 0x1634  MSSQL$SQLEXPRESS - ok
19:56:39.0994 0x1634  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:56:40.0005 0x1634  MSSQLServerADHelper100 - ok
19:56:40.0015 0x1634  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:56:40.0028 0x1634  MSTEE - ok
19:56:40.0062 0x1634  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:56:40.0075 0x1634  MTConfig - ok
19:56:40.0092 0x1634  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:56:40.0107 0x1634  Mup - ok
19:56:40.0119 0x1634  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:56:40.0131 0x1634  mvumis - ok
19:56:40.0150 0x1634  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
19:56:40.0158 0x1634  mwlPSDFilter - ok
19:56:40.0186 0x1634  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
19:56:40.0193 0x1634  mwlPSDNServ - ok
19:56:40.0202 0x1634  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
19:56:40.0211 0x1634  mwlPSDVDisk - ok
19:56:40.0258 0x1634  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
19:56:40.0291 0x1634  napagent - ok
19:56:40.0315 0x1634  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:56:40.0342 0x1634  NativeWifiP - ok
19:56:40.0373 0x1634  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:56:40.0397 0x1634  NcaSvc - ok
19:56:40.0423 0x1634  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:56:40.0441 0x1634  NcbService - ok
19:56:40.0473 0x1634  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:56:40.0490 0x1634  NcdAutoSetup - ok
19:56:40.0539 0x1634  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:56:40.0583 0x1634  NDIS - ok
19:56:40.0598 0x1634  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
19:56:40.0614 0x1634  NdisCap - ok
19:56:40.0632 0x1634  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
19:56:40.0650 0x1634  NdisImPlatform - ok
19:56:40.0681 0x1634  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:56:40.0697 0x1634  NdisTapi - ok
19:56:40.0706 0x1634  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:56:40.0720 0x1634  Ndisuio - ok
19:56:40.0735 0x1634  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:56:40.0749 0x1634  NdisVirtualBus - ok
19:56:40.0766 0x1634  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:56:40.0787 0x1634  NdisWan - ok
19:56:40.0799 0x1634  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:56:40.0821 0x1634  NdisWanLegacy - ok
19:56:40.0829 0x1634  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
         

Alt 27.11.2015, 20:11   #5
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Das hier ist die zweite:

Code:
ATTFilter
19:56:40.0845 0x1634  NDProxy - ok
19:56:40.0883 0x1634  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:56:40.0900 0x1634  Ndu - ok
19:56:40.0912 0x1634  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:56:40.0932 0x1634  NetBIOS - ok
19:56:40.0955 0x1634  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:56:40.0989 0x1634  NetBT - ok
19:56:41.0004 0x1634  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:56:41.0019 0x1634  Netlogon - ok
19:56:41.0053 0x1634  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
19:56:41.0080 0x1634  Netman - ok
19:56:41.0121 0x1634  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:56:41.0154 0x1634  netprofm - ok
19:56:41.0206 0x1634  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:41.0263 0x1634  NetTcpPortSharing - ok
19:56:41.0293 0x1634  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
19:56:41.0307 0x1634  netvsc - ok
19:56:41.0339 0x1634  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:56:41.0362 0x1634  NlaSvc - ok
19:56:41.0376 0x1634  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:56:41.0403 0x1634  Npfs - ok
19:56:41.0447 0x1634  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:56:41.0460 0x1634  npsvctrig - ok
19:56:41.0493 0x1634  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:56:41.0510 0x1634  nsi - ok
19:56:41.0534 0x1634  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:56:41.0549 0x1634  nsiproxy - ok
19:56:41.0631 0x1634  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:56:41.0715 0x1634  Ntfs - ok
19:56:41.0756 0x1634  [ 24802A206925A340DBA52ABF83C21315, 39E6FD63C7C93A833E3D5CC928AFF9286059538798DBF77C16ADDE64112E2661 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:56:41.0769 0x1634  NTI IScheduleSvc - ok
19:56:41.0798 0x1634  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
19:56:41.0808 0x1634  NTIDrvr - ok
19:56:41.0816 0x1634  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:56:41.0831 0x1634  Null - ok
19:56:42.0191 0x1634  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:56:42.0447 0x1634  nvlddmkm - ok
19:56:42.0474 0x1634  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
19:56:42.0484 0x1634  nvpciflt - ok
19:56:42.0514 0x1634  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:56:42.0529 0x1634  nvraid - ok
19:56:42.0546 0x1634  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:56:42.0560 0x1634  nvstor - ok
19:56:42.0609 0x1634  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
19:56:42.0640 0x1634  nvsvc - ok
19:56:42.0722 0x1634  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:56:42.0760 0x1634  nvUpdatusService - ok
19:56:42.0795 0x1634  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
19:56:42.0808 0x1634  nv_agp - ok
19:56:42.0840 0x1634  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:56:42.0865 0x1634  p2pimsvc - ok
19:56:42.0911 0x1634  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:56:42.0937 0x1634  p2psvc - ok
19:56:42.0969 0x1634  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:56:42.0984 0x1634  Parport - ok
19:56:43.0025 0x1634  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:56:43.0038 0x1634  partmgr - ok
19:56:43.0085 0x1634  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:56:43.0112 0x1634  PcaSvc - ok
19:56:43.0144 0x1634  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:56:43.0165 0x1634  pci - ok
19:56:43.0181 0x1634  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:56:43.0191 0x1634  pciide - ok
19:56:43.0244 0x1634  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:56:43.0258 0x1634  pcmcia - ok
19:56:43.0275 0x1634  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:56:43.0287 0x1634  pcw - ok
19:56:43.0354 0x1634  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:56:43.0367 0x1634  pdc - ok
19:56:43.0405 0x1634  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:56:43.0434 0x1634  PEAUTH - ok
19:56:43.0504 0x1634  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:56:43.0522 0x1634  PerfHost - ok
19:56:43.0601 0x1634  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
19:56:43.0660 0x1634  pla - ok
19:56:43.0691 0x1634  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:56:43.0712 0x1634  PlugPlay - ok
19:56:43.0716 0x1634  PnkBstrA - ok
19:56:43.0728 0x1634  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:56:43.0745 0x1634  PNRPAutoReg - ok
19:56:43.0769 0x1634  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:56:43.0793 0x1634  PNRPsvc - ok
19:56:43.0828 0x1634  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:56:43.0860 0x1634  PolicyAgent - ok
19:56:43.0913 0x1634  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
19:56:43.0947 0x1634  Power - ok
19:56:44.0185 0x1634  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:56:44.0291 0x1634  PrintNotify - ok
19:56:44.0331 0x1634  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:56:44.0352 0x1634  Processor - ok
19:56:44.0386 0x1634  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:56:44.0416 0x1634  ProfSvc - ok
19:56:44.0442 0x1634  [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid       C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
19:56:44.0454 0x1634  Ps2Kb2Hid - ok
19:56:44.0488 0x1634  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
19:56:44.0513 0x1634  Psched - ok
19:56:44.0580 0x1634  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:56:44.0617 0x1634  QWAVE - ok
19:56:44.0634 0x1634  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:56:44.0656 0x1634  QWAVEdrv - ok
19:56:44.0691 0x1634  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:56:44.0711 0x1634  RasAcd - ok
19:56:44.0750 0x1634  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:56:44.0781 0x1634  RasAuto - ok
19:56:44.0815 0x1634  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:56:44.0860 0x1634  RasMan - ok
19:56:44.0880 0x1634  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:56:44.0905 0x1634  RasPppoe - ok
19:56:44.0932 0x1634  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:56:44.0970 0x1634  rdbss - ok
19:56:44.0988 0x1634  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:56:45.0010 0x1634  rdpbus - ok
19:56:45.0049 0x1634  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:56:45.0078 0x1634  RDPDR - ok
19:56:45.0106 0x1634  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:56:45.0124 0x1634  RdpVideoMiniport - ok
19:56:45.0148 0x1634  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:56:45.0177 0x1634  rdyboost - ok
19:56:45.0220 0x1634  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
19:56:45.0288 0x1634  ReFS - ok
19:56:45.0329 0x1634  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:56:45.0364 0x1634  RemoteAccess - ok
19:56:45.0399 0x1634  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:56:45.0440 0x1634  RemoteRegistry - ok
19:56:45.0469 0x1634  [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
19:56:45.0483 0x1634  RfButtonDriverService - ok
19:56:45.0550 0x1634  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
19:56:45.0574 0x1634  RFCOMM - ok
19:56:45.0637 0x1634  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:56:45.0670 0x1634  RpcEptMapper - ok
19:56:45.0712 0x1634  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:56:45.0736 0x1634  RpcLocator - ok
19:56:45.0777 0x1634  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:56:45.0821 0x1634  RpcSs - ok
19:56:45.0857 0x1634  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\WINDOWS\system32\DRIVERS\RsFx0103.sys
19:56:45.0877 0x1634  RsFx0103 - ok
19:56:45.0922 0x1634  [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
19:56:45.0945 0x1634  RSPCIESTOR - ok
19:56:45.0975 0x1634  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
19:56:45.0999 0x1634  rspndr - ok
19:56:46.0018 0x1634  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:56:46.0041 0x1634  s3cap - ok
19:56:46.0086 0x1634  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:56:46.0109 0x1634  SamSs - ok
19:56:46.0215 0x1634  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:56:46.0234 0x1634  sbp2port - ok
19:56:46.0272 0x1634  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:56:46.0322 0x1634  SCardSvr - ok
19:56:46.0358 0x1634  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:56:46.0410 0x1634  ScDeviceEnum - ok
19:56:46.0432 0x1634  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:56:46.0460 0x1634  scfilter - ok
19:56:46.0607 0x1634  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:56:46.0674 0x1634  Schedule - ok
19:56:46.0754 0x1634  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:56:46.0789 0x1634  SCPolicySvc - ok
19:56:46.0824 0x1634  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:56:46.0856 0x1634  sdbus - ok
19:56:46.0984 0x1634  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
19:56:47.0079 0x1634  SDScannerService - ok
19:56:47.0109 0x1634  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:56:47.0137 0x1634  sdstor - ok
19:56:47.0243 0x1634  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
19:56:47.0369 0x1634  SDUpdateService - ok
19:56:47.0384 0x1634  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
19:56:47.0400 0x1634  SDWSCService - ok
19:56:47.0433 0x1634  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
19:56:47.0461 0x1634  secdrv - ok
19:56:47.0493 0x1634  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:56:47.0526 0x1634  seclogon - ok
19:56:47.0600 0x1634  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
19:56:47.0655 0x1634  SENS - ok
19:56:47.0930 0x1634  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:56:48.0084 0x1634  SensrSvc - ok
19:56:48.0124 0x1634  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:56:48.0143 0x1634  SerCx - ok
19:56:48.0159 0x1634  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:56:48.0181 0x1634  SerCx2 - ok
19:56:48.0198 0x1634  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:56:48.0221 0x1634  Serenum - ok
19:56:48.0240 0x1634  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:56:48.0264 0x1634  Serial - ok
19:56:48.0285 0x1634  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:56:48.0308 0x1634  sermouse - ok
19:56:48.0362 0x1634  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:56:48.0410 0x1634  SessionEnv - ok
19:56:48.0443 0x1634  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:56:48.0464 0x1634  sfloppy - ok
19:56:48.0613 0x1634  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:56:48.0730 0x1634  SharedAccess - ok
19:56:48.0936 0x1634  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:56:49.0020 0x1634  ShellHWDetection - ok
19:56:49.0057 0x1634  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:56:49.0075 0x1634  SiSRaid2 - ok
19:56:49.0092 0x1634  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:56:49.0111 0x1634  SiSRaid4 - ok
19:56:49.0204 0x1634  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:56:49.0237 0x1634  SkypeUpdate - ok
19:56:49.0270 0x1634  [ BCE703FE67976C57B789F19A77C4C7D1, 6D249386924AA443B3237BF71D9EFDB8C6D2CEE6E40823519694554224FB1538 ] SMARTMouseFilterx64 C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys
19:56:49.0280 0x1634  SMARTMouseFilterx64 - detected UnsignedFile.Multi.Generic ( 1 )
19:56:51.0661 0x1634  Detect skipped due to KSN trusted
19:56:51.0661 0x1634  SMARTMouseFilterx64 - ok
19:56:51.0745 0x1634  [ C02C2D6EBC48A52C0C2922BD86CCEEDE, 07FB67B4EFEF315E071671884FFCCE5B39B486C8901BF9C8D62AEBF3CACF6937 ] SMARTVHidMiniVistaAmd64 C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys
19:56:51.0760 0x1634  SMARTVHidMiniVistaAmd64 - detected UnsignedFile.Multi.Generic ( 1 )
19:56:54.0394 0x1634  Detect skipped due to KSN trusted
19:56:54.0395 0x1634  SMARTVHidMiniVistaAmd64 - ok
19:56:54.0432 0x1634  [ 8588412F05C55E397374F97588CC7381, BF8A6AAA4FD0A2208EDE92294095A38337785EA3D5961DD069F2596344772ADD ] SMARTVTabletPCx64 C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys
19:56:54.0444 0x1634  SMARTVTabletPCx64 - detected UnsignedFile.Multi.Generic ( 1 )
19:56:56.0806 0x1634  Detect skipped due to KSN trusted
19:56:56.0806 0x1634  SMARTVTabletPCx64 - ok
19:56:56.0848 0x1634  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
19:56:56.0875 0x1634  smphost - ok
19:56:56.0921 0x1634  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:56:56.0959 0x1634  SNMPTRAP - ok
19:56:57.0003 0x1634  [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:56:57.0044 0x1634  spaceport - ok
19:56:57.0082 0x1634  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:56:57.0102 0x1634  SpbCx - ok
19:56:57.0147 0x1634  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:56:57.0235 0x1634  Spooler - ok
19:56:57.0465 0x1634  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:56:57.0794 0x1634  sppsvc - ok
19:56:57.0961 0x1634  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:56:58.0028 0x1634  SQLAgent$SQLEXPRESS - ok
19:56:58.0101 0x1634  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:56:58.0123 0x1634  SQLBrowser - ok
19:56:58.0173 0x1634  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:56:58.0192 0x1634  SQLWriter - ok
19:56:58.0235 0x1634  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:56:58.0288 0x1634  srv - ok
19:56:58.0340 0x1634  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:56:58.0395 0x1634  srv2 - ok
19:56:58.0422 0x1634  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:56:58.0453 0x1634  srvnet - ok
19:56:58.0504 0x1634  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:56:58.0551 0x1634  SSDPSRV - ok
19:56:58.0589 0x1634  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:56:58.0618 0x1634  SstpSvc - ok
19:56:58.0651 0x1634  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:56:58.0669 0x1634  ssudmdm - ok
19:56:58.0709 0x1634  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:56:58.0727 0x1634  stexstor - ok
19:56:58.0790 0x1634  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:56:58.0861 0x1634  stisvc - ok
19:56:58.0919 0x1634  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:56:59.0040 0x1634  storahci - ok
19:56:59.0078 0x1634  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
19:56:59.0095 0x1634  storflt - ok
19:56:59.0117 0x1634  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:56:59.0171 0x1634  stornvme - ok
19:56:59.0222 0x1634  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:56:59.0260 0x1634  StorSvc - ok
19:56:59.0283 0x1634  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:56:59.0300 0x1634  storvsc - ok
19:56:59.0338 0x1634  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:56:59.0392 0x1634  svsvc - ok
19:56:59.0415 0x1634  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:56:59.0432 0x1634  swenum - ok
19:56:59.0542 0x1634  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
19:56:59.0621 0x1634  swprv - ok
19:56:59.0683 0x1634  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:56:59.0806 0x1634  SysMain - ok
19:56:59.0896 0x1634  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:56:59.0950 0x1634  SystemEventsBroker - ok
19:57:00.0010 0x1634  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:57:00.0045 0x1634  TabletInputService - ok
19:57:00.0124 0x1634  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:57:00.0169 0x1634  TapiSrv - ok
19:57:00.0293 0x1634  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:57:00.0448 0x1634  Tcpip - ok
19:57:00.0550 0x1634  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:57:00.0707 0x1634  TCPIP6 - ok
19:57:00.0754 0x1634  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:57:00.0788 0x1634  tcpipreg - ok
19:57:00.0822 0x1634  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:57:00.0845 0x1634  tdx - ok
19:57:00.0880 0x1634  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:57:00.0896 0x1634  terminpt - ok
19:57:00.0960 0x1634  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:57:01.0036 0x1634  TermService - ok
19:57:01.0066 0x1634  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:57:01.0102 0x1634  Themes - ok
19:57:01.0136 0x1634  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
19:57:01.0160 0x1634  THREADORDER - ok
19:57:01.0183 0x1634  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:57:01.0220 0x1634  TimeBroker - ok
19:57:01.0260 0x1634  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:57:01.0286 0x1634  TPM - ok
19:57:01.0312 0x1634  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:57:01.0343 0x1634  TrkWks - ok
19:57:01.0405 0x1634  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:57:01.0437 0x1634  TrustedInstaller - ok
19:57:01.0459 0x1634  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
19:57:01.0489 0x1634  TsUsbFlt - ok
19:57:01.0511 0x1634  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:57:01.0534 0x1634  TsUsbGD - ok
19:57:01.0571 0x1634  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
19:57:01.0608 0x1634  tunnel - ok
19:57:01.0636 0x1634  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:57:01.0655 0x1634  uagp35 - ok
19:57:01.0674 0x1634  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:57:01.0695 0x1634  UASPStor - ok
19:57:01.0721 0x1634  [ 69CC6087483FCE6AEBF1DF5AE791044F, 64A2699447049F77A4A5469537F81124114978BF356C079B123B79782EDC760A ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
19:57:01.0733 0x1634  UBHelper - ok
19:57:01.0763 0x1634  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
19:57:01.0790 0x1634  UCX01000 - ok
19:57:01.0817 0x1634  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:57:01.0854 0x1634  udfs - ok
19:57:01.0884 0x1634  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:57:01.0900 0x1634  UEFI - ok
19:57:01.0942 0x1634  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:57:01.0974 0x1634  UI0Detect - ok
19:57:01.0990 0x1634  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:57:02.0009 0x1634  uliagpkx - ok
19:57:02.0023 0x1634  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:57:02.0043 0x1634  umbus - ok
19:57:02.0058 0x1634  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:57:02.0082 0x1634  UmPass - ok
19:57:02.0119 0x1634  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:57:02.0155 0x1634  UmRdpService - ok
19:57:02.0248 0x1634  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:57:02.0459 0x1634  UNS - ok
19:57:02.0564 0x1634  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:57:02.0612 0x1634  upnphost - ok
19:57:02.0638 0x1634  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:57:02.0661 0x1634  usbccgp - ok
19:57:02.0695 0x1634  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:57:02.0718 0x1634  usbcir - ok
19:57:02.0753 0x1634  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:57:02.0803 0x1634  usbehci - ok
19:57:02.0880 0x1634  [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:57:02.0916 0x1634  usbhub - ok
19:57:02.0970 0x1634  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:57:03.0009 0x1634  USBHUB3 - ok
19:57:03.0046 0x1634  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:57:03.0081 0x1634  usbohci - ok
19:57:03.0099 0x1634  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:57:03.0136 0x1634  usbprint - ok
19:57:03.0173 0x1634  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:57:03.0193 0x1634  USBSTOR - ok
19:57:03.0224 0x1634  [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP        C:\WINDOWS\System32\drivers\tinspusb.sys
19:57:03.0260 0x1634  USBTINSP - ok
19:57:03.0279 0x1634  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:57:03.0308 0x1634  usbuhci - ok
19:57:03.0353 0x1634  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
19:57:03.0384 0x1634  usbvideo - ok
19:57:03.0417 0x1634  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:57:03.0444 0x1634  USBXHCI - ok
19:57:03.0454 0x1634  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:57:03.0473 0x1634  VaultSvc - ok
19:57:03.0537 0x1634  [ 75C78B509E98DADBD219D687B218E81D, B003F2DF61C7F67C7DF04E470EE4493DF484FD15A10AC71E6B18D493B9110460 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
19:57:03.0665 0x1634  VBoxDrv - ok
19:57:03.0689 0x1634  [ C41B43417F77FCB2D2D81C9C2B9A85FE, 88EE5D47BFB2A6FE0B5C56479FA3C4B829E8ABCE0FB001C45C42E2E8B4A4EF62 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
19:57:03.0704 0x1634  VBoxNetAdp - ok
19:57:03.0727 0x1634  [ 1A7C1EFDF525E481E29A6A0085FDCA82, 748F36A6FD14C23BB7E97D9F01D3A0299EB8C41CE3299BE5C419C021200E7D7D ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
19:57:03.0745 0x1634  VBoxNetLwf - ok
19:57:03.0778 0x1634  [ 7CA7D2359E2312A288FA8073255AFF2C, 7136D1160857BE3409D424EB79976B7C29917D3A1CBD41046B5110FF2E48B431 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
19:57:03.0794 0x1634  VBoxUSBMon - ok
19:57:03.0841 0x1634  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:57:03.0862 0x1634  vdrvroot - ok
19:57:04.0396 0x1634  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
19:57:04.0536 0x1634  vds - ok
19:57:04.0579 0x1634  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:57:04.0601 0x1634  VerifierExt - ok
19:57:04.0768 0x1634  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:57:04.0807 0x1634  vhdmp - ok
19:57:04.0819 0x1634  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
19:57:04.0833 0x1634  viaide - ok
19:57:04.0879 0x1634  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:57:04.0901 0x1634  vmbus - ok
19:57:04.0922 0x1634  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:57:04.0947 0x1634  VMBusHID - ok
19:57:05.0004 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:57:05.0061 0x1634  vmicguestinterface - ok
19:57:05.0134 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:57:05.0181 0x1634  vmicheartbeat - ok
19:57:05.0206 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:57:05.0267 0x1634  vmickvpexchange - ok
19:57:05.0294 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:57:05.0346 0x1634  vmicrdv - ok
19:57:05.0377 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:57:05.0421 0x1634  vmicshutdown - ok
19:57:05.0452 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:57:05.0492 0x1634  vmictimesync - ok
19:57:05.0511 0x1634  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:57:05.0547 0x1634  vmicvss - ok
19:57:05.0570 0x1634  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:57:05.0591 0x1634  volmgr - ok
19:57:05.0616 0x1634  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:57:05.0649 0x1634  volmgrx - ok
19:57:05.0808 0x1634  [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:57:05.0856 0x1634  volsnap - ok
19:57:05.0897 0x1634  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:57:05.0927 0x1634  vpci - ok
19:57:05.0984 0x1634  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:57:06.0006 0x1634  vsmraid - ok
19:57:06.0079 0x1634  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
19:57:06.0169 0x1634  VSS - ok
19:57:06.0199 0x1634  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:57:06.0228 0x1634  VSTXRAID - ok
19:57:06.0290 0x1634  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:57:06.0326 0x1634  vwifibus - ok
19:57:06.0367 0x1634  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
19:57:06.0404 0x1634  vwififlt - ok
19:57:06.0427 0x1634  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
19:57:06.0447 0x1634  vwifimp - ok
19:57:06.0481 0x1634  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
19:57:06.0527 0x1634  W32Time - ok
19:57:06.0547 0x1634  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:57:06.0567 0x1634  WacomPen - ok
19:57:06.0650 0x1634  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:57:06.0745 0x1634  wbengine - ok
19:57:06.0796 0x1634  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:57:06.0858 0x1634  WbioSrvc - ok
19:57:06.0883 0x1634  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:57:06.0924 0x1634  Wcmsvc - ok
19:57:06.0961 0x1634  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:57:07.0014 0x1634  wcncsvc - ok
19:57:07.0028 0x1634  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:57:07.0064 0x1634  WcsPlugInService - ok
19:57:07.0090 0x1634  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:57:07.0106 0x1634  WdBoot - ok
19:57:07.0173 0x1634  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:57:07.0230 0x1634  Wdf01000 - ok
19:57:07.0261 0x1634  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:57:07.0291 0x1634  WdFilter - ok
19:57:07.0329 0x1634  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:57:07.0374 0x1634  WdiServiceHost - ok
19:57:07.0383 0x1634  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:57:07.0429 0x1634  WdiSystemHost - ok
19:57:07.0459 0x1634  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:57:07.0479 0x1634  WdNisDrv - ok
19:57:07.0512 0x1634  WdNisSvc - ok
19:57:07.0550 0x1634  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:57:07.0606 0x1634  WebClient - ok
19:57:07.0626 0x1634  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:57:07.0677 0x1634  Wecsvc - ok
19:57:07.0699 0x1634  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:57:07.0742 0x1634  WEPHOSTSVC - ok
19:57:07.0781 0x1634  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:57:07.0829 0x1634  wercplsupport - ok
19:57:07.0851 0x1634  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:57:07.0893 0x1634  WerSvc - ok
19:57:07.0918 0x1634  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
19:57:07.0940 0x1634  WFPLWFS - ok
19:57:07.0956 0x1634  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:57:07.0988 0x1634  WiaRpc - ok
19:57:07.0999 0x1634  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:57:08.0017 0x1634  WIMMount - ok
19:57:08.0021 0x1634  WinDefend - ok
19:57:08.0081 0x1634  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:57:08.0148 0x1634  WinHttpAutoProxySvc - ok
19:57:08.0198 0x1634  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:57:08.0226 0x1634  Winmgmt - ok
19:57:08.0325 0x1634  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:57:08.0459 0x1634  WinRM - ok
19:57:08.0514 0x1634  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
19:57:08.0534 0x1634  WinUsb - ok
19:57:08.0616 0x1634  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:57:08.0694 0x1634  WlanSvc - ok
19:57:08.0764 0x1634  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:57:08.0848 0x1634  wlidsvc - ok
19:57:08.0879 0x1634  [ 810D99C5DB8A44D1E3733B93DAACB65A, 98AFD5FCAB54B4235856A293C106B59C5A093ED102BAE759EC9D03396A5ECA2C ] wmbclass        C:\WINDOWS\system32\DRIVERS\wmbclass.sys
19:57:08.0934 0x1634  wmbclass - ok
19:57:08.0970 0x1634  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:57:08.0986 0x1634  WmiAcpi - ok
19:57:09.0039 0x1634  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:57:09.0074 0x1634  wmiApSrv - ok
19:57:09.0102 0x1634  WMPNetworkSvc - ok
19:57:09.0132 0x1634  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:57:09.0154 0x1634  Wof - ok
19:57:09.0244 0x1634  [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:57:09.0340 0x1634  workfolderssvc - ok
19:57:09.0375 0x1634  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:57:09.0392 0x1634  wpcfltr - ok
19:57:09.0422 0x1634  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
19:57:09.0482 0x1634  WPCSvc - ok
19:57:09.0495 0x1634  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:57:09.0547 0x1634  WPDBusEnum - ok
19:57:09.0576 0x1634  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:57:09.0589 0x1634  WpdUpFltr - ok
19:57:09.0616 0x1634  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:57:09.0638 0x1634  ws2ifsl - ok
19:57:09.0674 0x1634  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:57:09.0714 0x1634  wscsvc - ok
19:57:09.0720 0x1634  WSearch - ok
19:57:09.0867 0x1634  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
19:57:10.0054 0x1634  WSService - ok
19:57:10.0209 0x1634  [ 4BD3138EF061E24F9FDC722B49274B40, F9339F6AA8822E5E1334E41BE4140F9E8E5B24D1CD85B4C746D714AFDD485B49 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:57:10.0396 0x1634  wuauserv - ok
19:57:10.0442 0x1634  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:57:10.0485 0x1634  WudfPf - ok
19:57:10.0528 0x1634  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:57:10.0549 0x1634  WUDFRd - ok
19:57:10.0594 0x1634  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:57:10.0621 0x1634  WUDFSensorLP - ok
19:57:10.0648 0x1634  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:57:10.0670 0x1634  wudfsvc - ok
19:57:10.0685 0x1634  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:57:10.0708 0x1634  WUDFWpdFs - ok
19:57:10.0717 0x1634  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:57:10.0739 0x1634  WUDFWpdMtp - ok
19:57:10.0788 0x1634  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:57:10.0848 0x1634  WwanSvc - ok
19:57:10.0892 0x1634  [ BB1842E3AA602B401F7692718B0D0F9A, 6DE508F6CC917D046E61730706C70EF2965B12A7A31F180C22DF8BFA30C0CF67 ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
19:57:10.0905 0x1634  ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 )
19:57:13.0274 0x1634  Detect skipped due to KSN trusted
19:57:13.0274 0x1634  ZAtheros Wlan Agent - ok
19:57:13.0293 0x1634  ================ Scan global ===============================
19:57:13.0370 0x1634  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
19:57:13.0446 0x1634  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
19:57:13.0513 0x1634  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
19:57:13.0571 0x1634  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
19:57:13.0604 0x1634  [ Global ] - ok
19:57:13.0604 0x1634  ================ Scan MBR ==================================
19:57:13.0618 0x1634  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:57:13.0708 0x1634  \Device\Harddisk0\DR0 - ok
19:57:13.0708 0x1634  ================ Scan VBR ==================================
19:57:13.0712 0x1634  [ D03DC24BCF9818ABE6C4944239407D1E ] \Device\Harddisk0\DR0\Partition1
19:57:13.0740 0x1634  \Device\Harddisk0\DR0\Partition1 - ok
19:57:13.0754 0x1634  [ 60C0AE69B9F8378C21E595FE5EE9711C ] \Device\Harddisk0\DR0\Partition2
19:57:13.0768 0x1634  \Device\Harddisk0\DR0\Partition2 - ok
19:57:13.0785 0x1634  [ FFAD4BA8A844DD0E08C3E63F592A565A ] \Device\Harddisk0\DR0\Partition3
19:57:13.0785 0x1634  \Device\Harddisk0\DR0\Partition3 - ok
19:57:13.0801 0x1634  [ EFC76ED9DF7F8C1429BF0E1AE370978E ] \Device\Harddisk0\DR0\Partition4
19:57:13.0809 0x1634  \Device\Harddisk0\DR0\Partition4 - ok
19:57:13.0832 0x1634  [ 94AC5131977264F814758093BCD5660D ] \Device\Harddisk0\DR0\Partition5
19:57:13.0840 0x1634  \Device\Harddisk0\DR0\Partition5 - ok
19:57:13.0850 0x1634  [ B2FFEDC0FF5B095315B60817C396F63E ] \Device\Harddisk0\DR0\Partition6
19:57:13.0858 0x1634  \Device\Harddisk0\DR0\Partition6 - ok
19:57:13.0859 0x1634  ================ Scan generic autorun ======================
19:57:13.0919 0x1634  [ 1E2A1B886B7804FE9CC0D6E6F16A70E8, 6056FF391870CAF422E47CB4F16B43C5F4C58EEE29E769242C211C334ECFB104 ] C:\Program Files\Apoint2K\Apoint.exe
19:57:13.0946 0x1634  Apoint - ok
19:57:14.0469 0x1634  [ B0666DF6D554879AE8A7C91E26A5972F, 81112CFA81E26C388D36F0472A4983728AFE4C4C04910849AF22C191E206CF39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:57:14.0853 0x1634  RtHDVCpl - ok
19:57:14.0933 0x1634  [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
19:57:14.0978 0x1634  RtHDVBg_Dolby - ok
19:57:15.0017 0x1634  [ 21B21AB05ABDB4DC64D2C1D21155D402, FEEB04089BA3471F50144857A32A76EB8F26AC142462FDA23444EA9C7CC662B4 ] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe
19:57:15.0047 0x1634  BtPreLoad - detected UnsignedFile.Multi.Generic ( 1 )
19:57:17.0478 0x1634  Detect skipped due to KSN trusted
19:57:17.0478 0x1634  BtPreLoad - ok
19:57:17.0558 0x1634  [ 50D1476C84446135A990F4939DC2DC1D, D062F92863E32EC075BD672F3C185CE8C9329F8B679D5508C396131B1DB30EF7 ] C:\Dolby PCEE4\pcee4.exe
19:57:17.0587 0x1634  Dolby Home Theater v4 - ok
19:57:17.0652 0x1634  [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:57:17.0704 0x1634  Adobe ARM - ok
19:57:17.0754 0x1634  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:57:17.0766 0x1634  APSDaemon - ok
19:57:17.0814 0x1634  [ 79C28DDF889C26FDD6162F796FD49BC4, C1E2468B4F0F52BD707D16656F33CC438AF8E18A38BB6CFB64D11F23993F72F0 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
19:57:17.0831 0x1634  iTunesHelper - ok
19:57:18.0032 0x1634  [ 21B8FAAFA5CCD89663AAD5833ABF4B35, DE46AD49AE1ED34697EE387BB77E73BCD7DA60E6063E02660021A9C2EA3C0801 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:57:18.0221 0x1634  AvastUI.exe - ok
19:57:18.0441 0x1634  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
19:57:18.0581 0x1634  SDTray - ok
19:57:18.0669 0x1634  [ 9AC10DF42CC1E811BB8608A0B609A7D0, 8337D83D40E5FA5A38109F3C4E6AF217AA4D112E9174FC2E5662A0DE77249F63 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:57:18.0696 0x1634  SunJavaUpdateSched - ok
19:57:18.0753 0x1634  Dropbox - ok
19:57:18.0824 0x1634  [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:57:18.0878 0x1634  WAB Migrate - ok
19:57:19.0004 0x1634  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\Ich\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
19:57:19.0029 0x1634  AmazonMP3DownloaderHelper - ok
19:57:19.0083 0x1634  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe
19:57:19.0097 0x1634  Google Update - ok
19:57:19.0235 0x1634  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
19:57:19.0281 0x1634  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
19:57:21.0724 0x1634  Detect skipped due to KSN trusted
19:57:21.0724 0x1634  SpybotPostWindows10UpgradeReInstall - ok
19:57:21.0816 0x1634  Skype - ok
19:57:21.0819 0x1634  Waiting for KSN requests completion. In queue: 156
19:57:22.0819 0x1634  Waiting for KSN requests completion. In queue: 156
19:57:23.0820 0x1634  Waiting for KSN requests completion. In queue: 156
19:57:24.0881 0x1634  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
19:57:24.0891 0x1634  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
19:57:24.0895 0x1634  Win FW state via NFP2: enabled ( trusted )
19:57:27.0286 0x1634  ============================================================
19:57:27.0286 0x1634  Scan finished
19:57:27.0286 0x1634  ============================================================
19:57:27.0294 0x1630  Detected object count: 0
19:57:27.0294 0x1630  Actual detected object count: 0
         
Danke! MfG John


Alt 28.11.2015, 13:18   #6
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus



Servus,








Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
--> watch4 virus

Alt 28.11.2015, 15:45   #7
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Hallo, hier ist das Log vom ADW-Cleaner
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.022 - Bericht erstellt am 28/11/2015 um 14:21:42
# Aktualisiert am 22/11/2015 von Xplode
# Datenbank : 2015-11-22.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Ich - MEINPC
# Gestartet von : C:\Users\Ich\Desktop\AdwCleaner_5.022.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\ext_piccshare
[-] Ordner Gelöscht : C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
[-] Ordner Gelöscht : C:\Users\Ich\AppData\LocalLow\Internet Explorer BHO

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C32F5BF7-6918-4F78-A97A-53CDF7D07C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C32F5BF7-6918-4F78-A97A-53CDF7D07C8C}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C32F5BF7-6918-4F78-A97A-53CDF7D07C8C}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C32F5BF7-6918-4F78-A97A-53CDF7D07C8C}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\WEDLMNGR
[-] Schlüssel Gelöscht : HKCU\Software\DownLite
[-] Schlüssel Gelöscht : HKCU\Software\Squeaky
[-] Schlüssel Gelöscht : HKCU\Software\Snoozer
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\hosts
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Foxy Secure
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739

***** [ Internetbrowser ] *****

[-] [C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : trovi.search
[-] [C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : oiokahphinmbmakkehgelkmpolmnbkdh

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [4134 Bytes] ##########
         
--- --- ---


Hier von MBAM
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.11.2015
Suchlaufzeit: 14:30
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.28.02
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Ich

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430817
Abgelaufene Zeit: 31 Min., 5 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 3
PUP.Optional.Zulu, C:\Users\Ich\Downloads\dev c setup.exe, In Quarantäne, [b0b280034d3efc3a3dbc0bf17291c53b], 
PUP.Optional.Downloader, C:\Users\Ich\Downloads\AdwCleaner - CHIP-Installer.exe, In Quarantäne, [3f231e656d1e3cfa59fb37e470909c64], 
PUP.Optional.OpenCandy, C:\Users\Ich\Downloads\CheatEngine63.exe, In Quarantäne, [3032552eb9d2ac8a7c56c3f2f60bd12f], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT:

Code:
ATTFilter
Operating System: Windows 8.1 x64 
Ran by Ich (Administrator) on 28.11.2015 at 15:14:47,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 


Deleted the following from C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\prefs.js
user_pref(browser.startup.homepage, hxxps://startpage.com/deu/make-startpage-your-homepage.html?&hmb=1);



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.11.2015 at 15:20:16,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Das hier ist das FRST-LOG


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
durchgeführt von Ich (Administrator) auf MEINPC (28-11-2015 15:28:20)
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: UpdatusUser & Ich (Verfügbare Profile: UpdatusUser & Ich)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Ich\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Google Update] => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-03]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-03-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B04F56E-A692-425A-A59D-4E154188ECB6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://acer13.msn.com
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3959979219-1793462969-950886862-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default
FF DefaultSearchEngine: Ecosia
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Bing (Microsoft)
FF SelectedSearchEngine: Ecosia
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2013-11-23] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-11-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\ecosia.xml [2015-10-16]
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\startpage---deutsch.xml [2015-09-26]
FF Extension: Battlefield Heroes Updater - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\extensions\battlefieldheroespatcher@ea.com [2014-05-13] [ist nicht signiert]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12] [ist nicht signiert]
FF Extension: ProxTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-04-15] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Ich\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL => Keine Datei
CHR Profile: C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-09-26]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (Battlefield Heroes) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-06-09]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-07]
CHR Extension: (Skype Click to Call) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Amazon) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ich\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-28] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-25] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-12] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-25] (Dritek System Inc.)
S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [Datei ist nicht signiert]
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [268288 2014-03-18] (Microsoft Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 15:28 - 2015-11-28 15:28 - 00000000 ____D C:\Users\Ich\Desktop\FRST-OlderVersion
2015-11-28 15:20 - 2015-11-28 15:20 - 00000757 _____ C:\Users\Ich\Desktop\JRT.txt
2015-11-28 15:12 - 2015-11-28 15:12 - 01599336 _____ (Malwarebytes) C:\Users\Ich\Desktop\JRT.exe
2015-11-28 14:27 - 2015-11-28 14:27 - 22908888 _____ (Malwarebytes ) C:\Users\Ich\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-28 14:24 - 2015-11-28 14:24 - 00004248 _____ C:\Users\Ich\Desktop\AdwCleaner[C4].txt
2015-11-28 14:15 - 2015-11-28 14:15 - 01733632 _____ C:\Users\Ich\Desktop\AdwCleaner_5.022.exe
2015-11-27 19:55 - 2015-11-27 20:30 - 00245158 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_19.55.24_log.txt
2015-11-27 19:44 - 2015-11-27 19:48 - 00055190 _____ C:\Users\Ich\Desktop\Addition.txt
2015-11-27 19:42 - 2015-11-28 15:28 - 00030263 _____ C:\Users\Ich\Desktop\FRST.txt
2015-11-27 19:42 - 2015-11-28 15:28 - 00000000 ____D C:\FRST
2015-11-27 19:41 - 2015-11-28 15:28 - 02349056 _____ (Farbar) C:\Users\Ich\Desktop\FRST64.exe
2015-11-27 19:41 - 2015-11-27 19:41 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Ich\Desktop\tdsskiller.exe
2015-11-26 16:49 - 2015-11-26 16:49 - 00352398 _____ C:\Users\Ich\Downloads\S35C-115112610570.pdf
2015-11-25 22:32 - 2015-11-28 14:04 - 00000000 ____D C:\Users\Ich\Desktop\Javaprogrammierung
2015-11-24 22:19 - 2015-11-24 22:23 - 00000000 ____D C:\Users\Ich\Desktop\JavDoc
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\UpdatusUser\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\Ich\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
2015-11-20 23:37 - 2015-11-20 23:37 - 05152599 _____ C:\Users\Ich\Downloads\gmp.exe
2015-11-17 18:16 - 2015-11-17 18:16 - 00104217 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_05.pdf
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-16 00:14 - 2015-11-16 00:14 - 00009334 _____ C:\Users\Ich\Desktop\sakila_statements.sql
2015-11-12 19:12 - 2015-11-12 19:12 - 15897561 _____ C:\Users\Ich\Desktop\Unit_03.pdf
2015-11-11 08:50 - 2015-11-11 08:50 - 00000809 _____ C:\Users\Ich\Desktop\eclipse.exe - Verknüpfung.lnk
2015-11-11 08:42 - 2015-11-11 08:42 - 00000000 ____D C:\Users\Ich\Desktop\eclipse-jee-mars-1-win32-x86_64
2015-11-11 08:41 - 2015-11-11 08:42 - 288024166 _____ C:\Users\Ich\Downloads\eclipse-jee-mars-1-win32-x86_64.zip
2015-11-11 08:20 - 2015-11-11 08:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-11-11 08:19 - 2015-11-11 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-11 08:07 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 08:07 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 08:07 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 08:07 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 08:07 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 08:07 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 08:07 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 08:07 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 08:07 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 08:07 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 08:07 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 08:07 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 08:07 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 08:07 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 08:07 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 08:07 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 08:07 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 08:07 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 08:07 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 08:07 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 08:07 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 08:07 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 08:07 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 08:07 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 08:07 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 08:07 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 08:07 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 08:07 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 08:07 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 08:07 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 08:07 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 08:07 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 08:07 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 08:07 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 08:07 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 08:07 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 08:07 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 08:07 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 08:07 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 08:07 - 2014-10-29 02:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-11-11 08:07 - 2014-10-29 01:40 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2015-11-11 08:07 - 2014-10-29 01:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2015-11-11 08:06 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 08:06 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 08:06 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 08:06 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 08:06 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 08:06 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-11 01:05 - 2015-11-11 01:05 - 00000000 _____ C:\Users\Ich\where
2015-11-11 01:01 - 2015-11-11 01:01 - 00005689 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jdk-8u60-windows-x64.lnk
2015-11-09 21:04 - 2015-11-09 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-09 18:38 - 2015-11-09 18:38 - 01255099 _____ C:\Users\Ich\Desktop\M1-KIMESAINF-stud.pdf
2015-11-08 16:32 - 2015-07-28 02:09 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:09 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-11-07 19:43 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-11-07 19:43 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-11-07 19:40 - 2015-11-07 19:40 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-07 19:39 - 2015-11-07 19:39 - 02987408 _____ (Microsoft Corporation) C:\Users\Ich\Downloads\wdexpress_full.exe
2015-11-07 19:25 - 2015-11-07 19:25 - 05633578 _____ C:\Users\Ich\Downloads\guc2081(1).zip
2015-11-07 19:25 - 2015-11-07 19:25 - 00000000 ____D C:\Users\Ich\Desktop\guc2081(1)
2015-11-07 11:46 - 2015-11-07 11:46 - 00001764 _____ C:\Users\Ich\Desktop\GO_Launcher.exe - Verknüpfung.lnk
2015-11-07 01:38 - 2015-11-07 01:38 - 00000000 ____D C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32
2015-11-07 01:36 - 2015-11-07 01:36 - 00001259 _____ C:\Users\Ich\Desktop\Gothic 2 Online.lnk
2015-11-07 01:31 - 2015-11-07 01:31 - 02021388 _____ C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32.zip
2015-11-07 01:30 - 2015-11-07 01:30 - 11741448 _____ (GO Team ) C:\Users\Ich\Desktop\G2O_021015.exe
2015-11-06 17:00 - 2015-11-06 17:00 - 00003184 _____ C:\Users\Ich\Desktop\NUMMERN.abw
2015-11-04 14:57 - 2015-11-08 19:26 - 00000000 ____D C:\Users\Ich\Desktop\sakila-db
2015-11-04 14:57 - 2015-11-04 14:58 - 00000000 ____D C:\Users\Ich\Downloads\sakila-db
2015-11-04 14:57 - 2015-11-04 14:57 - 00741576 _____ C:\Users\Ich\Downloads\sakila-db.zip
2015-11-04 14:57 - 2015-11-04 14:57 - 00092038 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_04.pdf
2015-11-04 12:14 - 2015-11-04 12:14 - 00088968 _____ C:\Users\Ich\Downloads\uebungen_2.pdf
2015-11-02 17:55 - 2015-11-28 15:07 - 00001246 _____ C:\Users\Ich\Desktop\Dropbox.lnk
2015-11-02 17:55 - 2015-11-28 15:07 - 00000000 ___RD C:\Users\Ich\Dropbox
2015-11-02 17:52 - 2015-11-28 15:05 - 00001218 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 17:52 - 2015-11-28 14:57 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-02 17:52 - 2015-11-09 21:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00004194 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-11-02 17:52 - 2015-11-02 17:52 - 00003958 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\Users\Ich\AppData\Local\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-02 17:51 - 2015-11-02 17:51 - 00660960 _____ (Dropbox, Inc.) C:\Users\Ich\Downloads\DropboxInstaller.exe
2015-11-02 17:04 - 2015-11-02 17:23 - 00001195 _____ C:\Users\Ich\Desktop\sfmlAPI.txt
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 11:34 - 2015-11-01 11:34 - 10892026 _____ C:\Users\Ich\Downloads\SFML-2.1-windows-vc10-32bits.zip
2015-11-01 11:34 - 2015-11-01 11:34 - 00000000 ____D C:\Users\Ich\Desktop\SFML-2.1-windows-vc10-32bits
2015-11-01 10:11 - 2015-11-01 10:11 - 00034914 _____ C:\Users\Ich\Downloads\GOL.rar
2015-11-01 10:11 - 2015-11-01 10:11 - 00000000 ____D C:\Users\Ich\Downloads\GOL
2015-10-31 21:11 - 2015-10-31 21:11 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:11 - 00000000 ____D C:\Program Files (x86)\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:10 - 00001061 _____ C:\Users\Public\Desktop\Smokin' Guns.lnk
2015-10-31 21:10 - 2015-10-31 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smokin' Guns
2015-10-31 21:07 - 2015-10-31 21:09 - 409494295 _____ (Smokin' Guns Productions ) C:\Users\Ich\Downloads\Smokin_Guns_1.1.exe
2015-10-29 21:44 - 2015-10-29 21:44 - 00001246 _____ C:\Users\Ich\Desktop\statements.sql
2015-10-29 20:22 - 2015-10-29 20:23 - 00076971 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_02.pdf
2015-10-29 17:45 - 2015-10-29 17:45 - 00075252 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_03.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 15:23 - 2013-01-02 12:27 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job
2015-11-28 15:08 - 2014-08-22 12:11 - 00000000 ___DO C:\Users\Ich\OneDrive
2015-11-28 15:07 - 2014-05-12 17:34 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Dropbox
2015-11-28 15:05 - 2015-09-09 17:12 - 00000091 _____ C:\HaxLogs.txt
2015-11-28 15:04 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-28 15:03 - 2013-11-23 15:42 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-28 14:47 - 2012-12-13 17:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3959979219-1793462969-950886862-1002
2015-11-28 14:29 - 2014-05-14 13:48 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 14:28 - 2014-05-14 13:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-28 14:27 - 2014-05-14 13:47 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-28 14:27 - 2014-05-14 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-28 14:26 - 2013-02-09 14:18 - 00000000 ____D C:\Users\Ich\AppData\Roaming\AbiSuite
2015-11-28 14:22 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-28 14:21 - 2014-05-30 10:50 - 00000000 ____D C:\AdwCleaner
2015-11-28 14:14 - 2012-12-13 18:01 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Skype
2015-11-28 13:54 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\workspace
2015-11-28 13:10 - 2015-09-10 08:36 - 00000000 ____D C:\Users\Ich\.p2
2015-11-28 13:10 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\AppData\Local\Eclipse
2015-11-28 10:06 - 2015-02-21 16:13 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{536408FC-A54F-4099-B525-5A19EAC9FC4E}
2015-11-27 21:02 - 2015-10-26 21:23 - 00000327 _____ C:\Users\Ich\Desktop\h.txt
2015-11-27 19:46 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-27 16:42 - 2014-05-12 17:23 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-26 22:32 - 2013-10-11 15:21 - 00000000 ____D C:\Users\Ich\AppData\Roaming\vlc
2015-11-25 19:42 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-24 22:44 - 2014-03-18 11:03 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 22:44 - 2014-03-18 10:25 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-24 22:44 - 2014-03-18 10:25 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-22 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-21 15:36 - 2014-08-22 14:11 - 00997888 ___SH C:\Users\Ich\Desktop\Thumbs.db
2015-11-21 11:03 - 2012-12-13 18:01 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 09:36 - 2015-09-19 14:22 - 00000000 ____D C:\Users\Ich\Desktop\Musik_Zum_Coden
2015-11-16 21:57 - 2013-03-09 21:57 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-15 22:15 - 2015-09-17 15:38 - 00000000 ____D C:\Users\Ich\Desktop\GhanaS
2015-11-13 18:57 - 2013-08-21 17:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 18:51 - 2012-12-15 12:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 14:13 - 2013-08-22 15:44 - 00377592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-11 09:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-11 08:41 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 08:20 - 2015-08-20 07:57 - 00000000 ____D C:\Program Files\Java
2015-11-11 08:20 - 2013-10-31 08:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-11 08:09 - 2015-08-20 07:38 - 00000000 ____D C:\Users\Ich\.oracle_jre_usage
2015-11-11 01:05 - 2014-08-22 10:57 - 00000000 ____D C:\Users\Ich
2015-11-09 22:33 - 2014-10-30 14:15 - 00165888 ___SH C:\Users\Ich\Downloads\Thumbs.db
2015-11-09 22:32 - 2014-08-22 13:39 - 01906688 ___SH C:\Users\Ich\Documents\Thumbs.db
2015-11-08 13:35 - 2015-09-14 17:08 - 00000251 _____ C:\Users\Ich\Desktop\pawaws.txt
2015-11-07 19:45 - 2015-08-21 17:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-07 19:41 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-07 19:26 - 2015-10-03 20:06 - 00000000 ____D C:\Users\Ich\Documents\Visual Studio 2010
2015-11-07 01:41 - 2014-07-09 09:16 - 00000000 ____D C:\Program Files (x86)\Modifikationen
2015-11-06 16:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-03 01:23 - 2015-03-17 16:54 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-03-17 16:54 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 23:13 - 2015-10-27 14:18 - 00000000 ____D C:\Users\Ich\Documents\lcc
2015-10-31 23:13 - 2015-10-27 14:15 - 00000000 ____D C:\lcc
2015-10-29 20:25 - 2015-10-27 18:23 - 00019821 _____ C:\Users\Ich\Desktop\BHF.mwb.bak

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 07:37 - 2015-08-20 07:37 - 0003244 _____ () C:\Program Files (x86)\COPYRIGHT
2015-08-20 07:37 - 2015-08-20 07:37 - 0000040 _____ () C:\Program Files (x86)\LICENSE
2015-08-20 07:37 - 2015-08-20 07:37 - 0000046 _____ () C:\Program Files (x86)\README.txt
2015-08-20 07:38 - 2015-08-20 07:38 - 0000527 _____ () C:\Program Files (x86)\release
2015-08-20 07:37 - 2015-08-20 07:37 - 0110114 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME-JAVAFX.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0177094 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0000955 _____ () C:\Program Files (x86)\Welcome.html
2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\Ich\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Ich\AppData\Local\No23 Recorder.exe
2013-04-05 14:40 - 2014-02-23 18:18 - 0001467 _____ () C:\Users\Ich\AppData\Local\RecConfig.xml
2012-09-25 17:06 - 2012-09-25 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfru66e.dll
C:\Users\Ich\AppData\Local\Temp\sqlite3.dll
C:\Users\Ich\AppData\Local\Temp\VP6Install.exe
C:\Users\Ich\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-28 15:21

==================== Ende von FRST.txt ============================
         
--- --- ---


und Addition:
FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Ich (2015-11-28 15:29:14)
Gestartet von C:\Users\Ich\Desktop
Windows 8.1 (X64) (2014-08-22 11:08:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3959979219-1793462969-950886862-500 - Administrator - Disabled)
Gast (S-1-5-21-3959979219-1793462969-950886862-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3959979219-1793462969-950886862-1004 - Limited - Enabled)
Ich (S-1-5-21-3959979219-1793462969-950886862-1002 - Administrator - Enabled) => C:\Users\Ich
UpdatusUser (S-1-5-21-3959979219-1793462969-950886862-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

0 A.D. (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\0 A.D.) (Version: r15148P-alpha - Wildfire Games)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{BFBC6337-B7B9-4AEE-BC19-CA910EED755D}) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.110 - Alps Electric)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Aus dem Leben eines Diebes (HKLM-x32\...\Aus dem Leben eines Diebes) (Version: 1.1 - Team K)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avatar - Legends of The Arena (HKLM-x32\...\{E02C0C32-1103-42E3-B2B3-1630675B778C}) (Version: 1.03.0008 - NickOnline)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Battlefield Heroes (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Play4Free (Ich) (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bauernleben (HKLM-x32\...\Bauernleben) (Version: 1.0 - Orcjäger)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Die Rückkehr (HKLM-x32\...\Die Rückkehr) (Version: 1.0 - Übersetzer-Team Lonewulf & Co)
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Google Chrome (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version:  - )
Gothic 2 Gold (HKLM-x32\...\{40FE74B5-71A1-4393-A0AB-21D6E1DA5A66}) (Version: 1.0.0 - JoWood)
Gothic 2 Online - 0.1b dev 5 (HKLM-x32\...\Gothic 2 Online - 0.1b dev 5) (Version: 0.1b dev 5 - GO Team)
Gothic II - Modification Development Kit (HKLM-x32\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic Multiplayer (HKLM-x32\...\Gothic Multiplayer) (Version: 0.1.11.0 - Gothic Multiplayer Team)
GOTHIC2 ADDON - 'Odyssey — on behalf of the King' (HKLM-x32\...\GOTHIC2 ADDON - 'Odyssey — on behalf of the King') (Version: 1.3 - World of Gothic DE - Community © 2015)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version:  - Free Lunch Design)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
lcc-win32 version 3.2 (base system) (HKLM-x32\...\lcc-win32 (base system)_is1) (Version:  - Logiciels/Informatique, Jacob Navia)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legend of Ahssûn (HKLM-x32\...\Legend of Ahssûn) (Version: 1.0 - LoA-Team)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.226.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Moorhuhn Wanted XS (HKLM-x32\...\{3F0DD9B2-A9F2-4D67-B6A1-E4864CBF2E61}) (Version:  - )
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
MySQL Workbench 6.3 CE (HKLM\...\{40AFAA5A-72EE-45A7-B8D2-CC7E08C9370B}) (Version: 6.3.4 - Oracle Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Odyssee_Speech 1.0 (HKLM-x32\...\Odyssee_Speech) (Version: 1.0 - OdysseeModTeam)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenCity 0.0.6.2 stable (HKLM-x32\...\OpenCity 0.0.6.2 stable_is1) (Version: OpenCity 0.0.6.2 stable - Duong Khang NGUYEN)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Regnum Online 1.6.2 (HKLM-x32\...\Regnum Online) (Version: 1.6.2 - NGD Studios)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Smokin' Guns version 1.1 (HKLM-x32\...\{C0F2B168-5C5C-4B55-B76E-035813CC559E}_is1) (Version: 1.1 - Smokin' Guns Productions)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Stampfer 0.5.0.2 (HKLM-x32\...\Stampfer) (Version: 0.5.0.2 - Sumpfkrautjunkie)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.8 - fCoder Group, Inc.)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

14-11-2015 14:12:47 Windows Update
17-11-2015 19:07:17 Windows Update
20-11-2015 20:45:10 Windows Update
27-11-2015 21:17:51 Windows Update
28-11-2015 15:14:53 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 06:26 - 2015-11-16 21:57 - 00000061 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B30BD9-A60E-43E4-9273-76F3E28834C5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {08EB8921-4663-4DD2-8C4C-A4BA04543BDE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {14238981-97D8-48A3-A470-248B76FCC63A} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {224773CA-F2CC-4E38-9F31-3A7A6B3D61E1} - System32\Tasks\{26D3CCCF-FB28-42B4-89A5-452620F51B14} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {2A5FC1F1-0921-44C0-B14F-98AC6F4C6D66} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {300F13DF-70AE-4CEC-95B2-ABC1DDFB0496} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {34198156-68D7-4791-B722-EE7ECFE62B77} - System32\Tasks\{37606DBC-5BE6-484F-9173-6F62C9E08612} => pcalua.exe -a D:\Install.exe -d D:\
Task: {446DCAE7-347F-458F-83BC-0112B0E51013} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {50378902-5F20-4B11-B489-7084968D689E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {55C8B2C7-54CA-4684-AB39-C68FF8EC8D04} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {57EE0DA7-B5F8-4B19-8E61-D2BA98C89CC4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {5A711C3C-3F08-4E75-BC40-010D226DF220} - System32\Tasks\Amazon Music Helper => C:\Users\Ich\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {663C69D9-37B0-4ACA-82AB-5E6E7023FCAB} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {769D7839-DBBD-4780-B6AB-35E7889522E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F3747FF-4F3F-43E1-8966-0F972453AD6C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {9FB2D80F-9B30-4E43-90EB-2B0254138EFD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-08-25] (AVAST Software)
Task: {B75AE49F-3F94-45E5-9D3B-D12B4A24E397} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {D2807B6A-0559-46B6-AC6D-645EEFA1D46B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {D2F6DCFD-8A44-45F5-8537-2399B536DCBC} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {D53B1135-166E-4811-B4BA-D404A574A094} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {D7275FA9-3B5F-432C-9645-0727E82CD148} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D72AC33D-F527-4D8B-B931-1368F9D03636} - System32\Tasks\{B3FE6AA6-379C-4AAD-B9EB-B83FDFA9FF8C} => pcalua.exe -a "C:\Program Files (x86)\Stampfer\Stampfer.exe" -d "C:\Program Files (x86)\Stampfer"
Task: {DE58430C-7C63-411E-904D-6F9D85FF2A5E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {F49CB3C1-1222-4D71-AC3A-C7122CE4093D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-23] (Adobe Systems Incorporated)
Task: {F891D15F-9900-4A20-BBB9-884E1134737A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FC3A0CB9-6EBB-45AB-9BC9-D30BE87CF807} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha\Open logs folder.lnk -> C:\Users\Ich\AppData\Local\0 A.D. alpha\OpenLogsFolder.bat () <==== ACHTUNG

ShortcutWithArgument: C:\Users\Public\Desktop\Online kaufen.lnk -> C:\Program Files\Accessory Store\StartURL.exe () -> hxxp://go.acer.com/?id=13400 <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-01-23 15:46 - 2014-08-28 18:21 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-27 23:12 - 2015-11-27 23:12 - 02995712 _____ () C:\Program Files\AVAST Software\Avast\defs\15112701\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-05-10 17:56 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-05-10 17:56 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-10 17:56 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-05-12 17:21 - 2014-05-12 17:21 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-25 17:10 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-07-31 15:02 - 2014-07-31 15:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Ich\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Ich\AppData\Roaming:NT

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3959979219-1793462969-950886862-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Floating Tools"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{217A4FF2-831B-485D-80A1-AD353E2E9AF2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{2E60A8CC-853B-4605-B23F-95D1FC456CD7}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{74983DAD-AD10-41EE-96F9-FFEA9D35784B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [TCP Query User{AA841A9B-D954-4793-8AB3-37154E86910B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [UDP Query User{77EA9650-3F65-4E2D-9FF0-5F8D231EF942}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [TCP Query User{48920CE1-4D84-4A85-88DE-23775DF8DA70}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [{9A4355B3-C21D-4D24-8E79-C5EB075F45C3}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{BC1F1CFD-D70C-4008-ADE6-4F23AB108F0A}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{4A8288D1-AE3C-40AE-BBF7-FD33C1F9CC75}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{CFE6DAAD-3DA4-4C65-9AC0-2713A67CC1C7}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{61E529E2-39C7-42F9-87F4-FD4ACE565287}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C825F568-EDEA-499B-BAF2-A3F0F3D6E020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ED3E2633-5EE8-46C1-A56D-C6162B5C85C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0944A773-922D-4C07-A564-AAA0E45440C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91B80A1A-503E-4222-99DA-083B853C50B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A301FD69-22FE-4388-80D4-1E99A962C2E3}] => (Allow) LPort=1900
FirewallRules: [{4497760E-5805-4311-B36B-B773377B2AAA}] => (Allow) LPort=2869
FirewallRules: [{D1E6D330-88D1-4A16-85B7-A1EECA09458C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1ADF29A0-8D11-419E-882F-0E12666DBF54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0187286E-65D9-43C7-A1B5-82DC942214F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA9B6E10-2E97-4B21-B628-1E89D8067CE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{65866DEF-264A-418E-A10A-25BA02DC9B3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{31244750-0EFC-4081-A2C7-9B7158AE29B3}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{61B57827-1B9C-4511-BB18-10DD2B2B5FB2}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{FCEBC343-3E78-42B5-AFE8-C12953F49519}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{DAA1509A-D454-4195-A66B-2C881CC64A5C}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{FBFA7237-007B-413F-BD56-F35C125CDE60}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A359FE8B-2B2F-45B1-9F64-0688CA45F9CA}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{4DA81EDE-CD04-4F1D-BADC-7257AE6D71B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4F4E93DE-8FEC-427A-855F-3CFB13512C9A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{03CF7716-962C-41F3-9C25-DC2935F5E7C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C30F28AF-396F-4154-8A1E-77B2FAE527E3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9718CAED-3B3C-4FA6-9F61-C5C7413E4932}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0BD2D6BC-5AEB-47E5-B27F-8DE4D4501887}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0FA7FADC-CC2B-4387-8857-20B7EE160120}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CD0C8C9D-D154-48DC-8074-C6E6B1DB824F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{E4A60ED4-19F3-4292-905A-E26AC33F983E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{BBD1A6A2-43E1-4F10-9F8F-930673F2024E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A9051570-0B3C-4D2B-8572-A3CC55B202E4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7A4494AE-F92A-4CD0-9690-B52330F39142}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{2CD3B7DF-15B6-46A9-A3C6-E99F5C49000D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{AA864CF5-25C5-4094-A2E4-19F0596D3F00}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4578D12F-925A-4A61-AAF6-E6CC7C5774B0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C26E9432-6C9E-46B0-9751-AFB7982CC52A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{882F4811-DF5A-45C0-B2ED-6C95BF90F203}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{188237BE-78DB-4D72-94AC-2B082EFE447A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{262C27E2-B2E9-4B73-90CF-AF14B428EBFE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C2F61F32-2F48-49A3-A368-479F2A3E1B77}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C44F4001-5117-4E3F-972D-06FD998E2275}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{554A9B34-A045-4F77-8BBF-31B886DF4369}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{22CD2F9A-7FF3-4EDC-9339-DCDB0B172F41}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{93BD9022-6E92-464D-8012-EE641AC38482}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BDFB01D8-2445-404F-AF9B-A89C22180E3B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E946CC2B-277D-4840-9AE4-193BFB5378E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9EC5F6FD-94DA-48C6-80EF-F3CFB57BAC21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{882CD626-BE74-450B-8DB8-ABCB175ECC6B}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{1141E08A-B283-48DD-94E7-9101F7B349E3}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [TCP Query User{E8B49ED1-B073-431D-B0B5-127D62774812}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{6321E5F2-BAC4-4A53-9885-5190A44A4D64}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{4DC18B49-EE78-4408-9FAA-CBD605A729F4}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{AA7A3386-4973-4DC7-A546-260416C2D522}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{4ABEE83A-C9E8-4522-BC49-326DC178AFBC}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{5952A740-2F1D-4B5A-9AD5-8F21283750C0}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{BF036C93-96C2-4EF5-AC71-A0626B302854}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{D267E2F9-6BD5-4F21-B6B7-1EB525861E08}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{C120493B-FC9A-4807-A24A-05DBB28B8D5B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{04170A94-9352-4608-B292-FB1C70EC6F35}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A1455A5F-20C2-4076-ACD8-18CEBD4DE245}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{293918FA-85A1-4940-B2BF-102891A928AB}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{B39A3E76-2E11-4304-AAEE-F98C24DC3492}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [UDP Query User{8285040D-0205-4D32-B7EA-F3E327A14404}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [TCP Query User{BDC047C4-A655-4715-846A-3D13E484E818}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [UDP Query User{CB18137B-F009-4B02-A2B2-FFDBE1041F68}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [TCP Query User{CA797B9D-E490-4407-AA83-1F4A361272F3}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [UDP Query User{E48B6664-D55D-4E27-9C1A-2DF1781ED398}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [TCP Query User{592AAFB5-D09A-4903-A329-5FB8B9976FEE}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [UDP Query User{7854E905-15F5-4B51-ACE6-8F238E3EE535}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [{EC2A25FF-87E3-4372-A5BD-5111B1A8E69C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/28/2015 02:18:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.022.exe, Version 5.0.2.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1eb0

Startzeit: 01d129dee58bb8e8

Endzeit: 4294967295

Anwendungspfad: C:\Users\Ich\Desktop\AdwCleaner_5.022.exe

Berichts-ID: 7dea99be-95d2-11e5-87e3-4c72b9cc84ec

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/27/2015 11:41:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x184c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/27/2015 11:41:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 738

Startzeit: 01d129402493e3f0

Endzeit: 25

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f9f373ad-9557-11e5-87e2-4c72b9cc84ec

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/25/2015 10:03:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (11/12/2015 03:59:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ROClientGame.exe, Version: 1.10.1.39397, Zeitstempel: 0x55f99214
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5904
ID des fehlerhaften Prozesses: 0x48c
Startzeit der fehlerhaften Anwendung: 0xROClientGame.exe0
Pfad der fehlerhaften Anwendung: ROClientGame.exe1
Pfad des fehlerhaften Moduls: ROClientGame.exe2
Berichtskennung: ROClientGame.exe3
Vollständiger Name des fehlerhaften Pakets: ROClientGame.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ROClientGame.exe5

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125

Error: (11/11/2015 02:29:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/10/2015 03:59:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3375

Error: (11/10/2015 03:59:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3375


Systemfehler:
=============
Error: (11/28/2015 03:24:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Microsoft Visual Studio 2010 Service Pack 1

Error: (11/28/2015 03:15:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:15:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:15:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:15:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:15:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/28/2015 03:07:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:07:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:06:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/28/2015 03:05:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


CodeIntegrity:
===================================
  Date: 2014-05-13 16:08:49.254
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8010.27 MB
Verfügbarer physikalischer RAM: 6132.33 MB
Summe virtueller Speicher: 9290.27 MB
Verfügbarer virtueller Speicher: 7157.17 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:549.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D06C910E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---


Vielen Dank!
MfG
John

Alt 28.11.2015, 16:37   #8
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus



Servus,



tritt das Problem noch immer auf? Wenn ja, in welchem Browser?




  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    ATTFilter
    wajam;{26D3CCCF-FB28-42B4-89A5-452620F51B14};
             
  • Drücke auf Registry-Suche.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 28.11.2015, 19:34   #9
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
durchgeführt von Ich (Administrator) auf MEINPC (28-11-2015 19:31:37)
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: UpdatusUser & Ich (Verfügbare Profile: UpdatusUser & Ich)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Ich\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Google Update] => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-03]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-03-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B04F56E-A692-425A-A59D-4E154188ECB6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://acer13.msn.com
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3959979219-1793462969-950886862-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default
FF DefaultSearchEngine: Ecosia
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Bing (Microsoft)
FF SelectedSearchEngine: Ecosia
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2013-11-23] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-11-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\ecosia.xml [2015-10-16]
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\startpage---deutsch.xml [2015-09-26]
FF Extension: Battlefield Heroes Updater - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\extensions\battlefieldheroespatcher@ea.com [2014-05-13] [ist nicht signiert]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12] [ist nicht signiert]
FF Extension: ProxTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-04-15] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Ich\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL => Keine Datei
CHR Profile: C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-09-26]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (Battlefield Heroes) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-06-09]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-07]
CHR Extension: (Skype Click to Call) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Amazon) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ich\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-28] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-25] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-12] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-25] (Dritek System Inc.)
S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [Datei ist nicht signiert]
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [268288 2014-03-18] (Microsoft Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 15:42 - 2015-11-28 15:42 - 00001522 _____ C:\Users\Ich\Desktop\mbam.txt
2015-11-28 15:28 - 2015-11-28 15:28 - 00000000 ____D C:\Users\Ich\Desktop\FRST-OlderVersion
2015-11-28 15:20 - 2015-11-28 15:20 - 00000757 _____ C:\Users\Ich\Desktop\JRT.txt
2015-11-28 15:12 - 2015-11-28 15:12 - 01599336 _____ (Malwarebytes) C:\Users\Ich\Desktop\JRT.exe
2015-11-28 14:27 - 2015-11-28 14:27 - 22908888 _____ (Malwarebytes ) C:\Users\Ich\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-28 14:24 - 2015-11-28 14:24 - 00004248 _____ C:\Users\Ich\Desktop\AdwCleaner[C4].txt
2015-11-28 14:15 - 2015-11-28 14:15 - 01733632 _____ C:\Users\Ich\Desktop\AdwCleaner_5.022.exe
2015-11-27 19:55 - 2015-11-27 20:30 - 00245158 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_19.55.24_log.txt
2015-11-27 19:44 - 2015-11-28 15:30 - 00056049 _____ C:\Users\Ich\Desktop\Addition.txt
2015-11-27 19:42 - 2015-11-28 19:31 - 00032289 _____ C:\Users\Ich\Desktop\FRST.txt
2015-11-27 19:42 - 2015-11-28 19:31 - 00000000 ____D C:\FRST
2015-11-27 19:41 - 2015-11-28 15:28 - 02349056 _____ (Farbar) C:\Users\Ich\Desktop\FRST64.exe
2015-11-27 19:41 - 2015-11-27 19:41 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Ich\Desktop\tdsskiller.exe
2015-11-26 16:49 - 2015-11-26 16:49 - 00352398 _____ C:\Users\Ich\Downloads\S35C-115112610570.pdf
2015-11-25 22:32 - 2015-11-28 14:04 - 00000000 ____D C:\Users\Ich\Desktop\Javaprogrammierung
2015-11-24 22:19 - 2015-11-24 22:23 - 00000000 ____D C:\Users\Ich\Desktop\JavDoc
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\UpdatusUser\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\Ich\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
2015-11-20 23:37 - 2015-11-20 23:37 - 05152599 _____ C:\Users\Ich\Downloads\gmp.exe
2015-11-17 18:16 - 2015-11-17 18:16 - 00104217 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_05.pdf
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-16 00:14 - 2015-11-16 00:14 - 00009334 _____ C:\Users\Ich\Desktop\sakila_statements.sql
2015-11-12 19:12 - 2015-11-12 19:12 - 15897561 _____ C:\Users\Ich\Desktop\Unit_03.pdf
2015-11-11 08:50 - 2015-11-11 08:50 - 00000809 _____ C:\Users\Ich\Desktop\eclipse.exe - Verknüpfung.lnk
2015-11-11 08:42 - 2015-11-11 08:42 - 00000000 ____D C:\Users\Ich\Desktop\eclipse-jee-mars-1-win32-x86_64
2015-11-11 08:41 - 2015-11-11 08:42 - 288024166 _____ C:\Users\Ich\Downloads\eclipse-jee-mars-1-win32-x86_64.zip
2015-11-11 08:20 - 2015-11-11 08:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-11-11 08:19 - 2015-11-11 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-11 08:07 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 08:07 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 08:07 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 08:07 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 08:07 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 08:07 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 08:07 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 08:07 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 08:07 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 08:07 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 08:07 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 08:07 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 08:07 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 08:07 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 08:07 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 08:07 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 08:07 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 08:07 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 08:07 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 08:07 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 08:07 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 08:07 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 08:07 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 08:07 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 08:07 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 08:07 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 08:07 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 08:07 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 08:07 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 08:07 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 08:07 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 08:07 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 08:07 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 08:07 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 08:07 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 08:07 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 08:07 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 08:07 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 08:07 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 08:07 - 2014-10-29 02:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-11-11 08:07 - 2014-10-29 01:40 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2015-11-11 08:07 - 2014-10-29 01:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2015-11-11 08:06 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 08:06 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 08:06 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 08:06 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 08:06 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 08:06 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-11 01:05 - 2015-11-11 01:05 - 00000000 _____ C:\Users\Ich\where
2015-11-11 01:01 - 2015-11-11 01:01 - 00005689 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jdk-8u60-windows-x64.lnk
2015-11-09 21:04 - 2015-11-09 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-09 18:38 - 2015-11-09 18:38 - 01255099 _____ C:\Users\Ich\Desktop\M1-KIMESAINF-stud.pdf
2015-11-08 16:32 - 2015-07-28 02:09 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:09 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-11-07 19:43 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-11-07 19:43 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-11-07 19:40 - 2015-11-07 19:40 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-07 19:39 - 2015-11-07 19:39 - 02987408 _____ (Microsoft Corporation) C:\Users\Ich\Downloads\wdexpress_full.exe
2015-11-07 19:25 - 2015-11-07 19:25 - 05633578 _____ C:\Users\Ich\Downloads\guc2081(1).zip
2015-11-07 19:25 - 2015-11-07 19:25 - 00000000 ____D C:\Users\Ich\Desktop\guc2081(1)
2015-11-07 11:46 - 2015-11-07 11:46 - 00001764 _____ C:\Users\Ich\Desktop\GO_Launcher.exe - Verknüpfung.lnk
2015-11-07 01:38 - 2015-11-07 01:38 - 00000000 ____D C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32
2015-11-07 01:36 - 2015-11-07 01:36 - 00001259 _____ C:\Users\Ich\Desktop\Gothic 2 Online.lnk
2015-11-07 01:31 - 2015-11-07 01:31 - 02021388 _____ C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32.zip
2015-11-07 01:30 - 2015-11-07 01:30 - 11741448 _____ (GO Team ) C:\Users\Ich\Desktop\G2O_021015.exe
2015-11-06 17:00 - 2015-11-06 17:00 - 00003184 _____ C:\Users\Ich\Desktop\NUMMERN.abw
2015-11-04 14:57 - 2015-11-08 19:26 - 00000000 ____D C:\Users\Ich\Desktop\sakila-db
2015-11-04 14:57 - 2015-11-04 14:58 - 00000000 ____D C:\Users\Ich\Downloads\sakila-db
2015-11-04 14:57 - 2015-11-04 14:57 - 00741576 _____ C:\Users\Ich\Downloads\sakila-db.zip
2015-11-04 14:57 - 2015-11-04 14:57 - 00092038 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_04.pdf
2015-11-04 12:14 - 2015-11-04 12:14 - 00088968 _____ C:\Users\Ich\Downloads\uebungen_2.pdf
2015-11-02 17:55 - 2015-11-28 19:28 - 00001246 _____ C:\Users\Ich\Desktop\Dropbox.lnk
2015-11-02 17:55 - 2015-11-28 19:28 - 00000000 ___RD C:\Users\Ich\Dropbox
2015-11-02 17:52 - 2015-11-28 19:26 - 00001218 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 17:52 - 2015-11-28 17:57 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-02 17:52 - 2015-11-09 21:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00004194 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-11-02 17:52 - 2015-11-02 17:52 - 00003958 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\Users\Ich\AppData\Local\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-02 17:51 - 2015-11-02 17:51 - 00660960 _____ (Dropbox, Inc.) C:\Users\Ich\Downloads\DropboxInstaller.exe
2015-11-02 17:04 - 2015-11-02 17:23 - 00001195 _____ C:\Users\Ich\Desktop\sfmlAPI.txt
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 11:34 - 2015-11-01 11:34 - 10892026 _____ C:\Users\Ich\Downloads\SFML-2.1-windows-vc10-32bits.zip
2015-11-01 11:34 - 2015-11-01 11:34 - 00000000 ____D C:\Users\Ich\Desktop\SFML-2.1-windows-vc10-32bits
2015-11-01 10:11 - 2015-11-01 10:11 - 00034914 _____ C:\Users\Ich\Downloads\GOL.rar
2015-11-01 10:11 - 2015-11-01 10:11 - 00000000 ____D C:\Users\Ich\Downloads\GOL
2015-10-31 21:11 - 2015-10-31 21:11 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:11 - 00000000 ____D C:\Program Files (x86)\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:10 - 00001061 _____ C:\Users\Public\Desktop\Smokin' Guns.lnk
2015-10-31 21:10 - 2015-10-31 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smokin' Guns
2015-10-31 21:07 - 2015-10-31 21:09 - 409494295 _____ (Smokin' Guns Productions ) C:\Users\Ich\Downloads\Smokin_Guns_1.1.exe
2015-10-29 21:44 - 2015-10-29 21:44 - 00001246 _____ C:\Users\Ich\Desktop\statements.sql
2015-10-29 20:22 - 2015-10-29 20:23 - 00076971 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_02.pdf
2015-10-29 17:45 - 2015-10-29 17:45 - 00075252 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_03.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 19:30 - 2014-08-22 12:11 - 00000000 ___DO C:\Users\Ich\OneDrive
2015-11-28 19:29 - 2012-12-13 18:01 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Skype
2015-11-28 19:28 - 2014-05-12 17:34 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Dropbox
2015-11-28 19:26 - 2015-09-09 17:12 - 00000091 _____ C:\HaxLogs.txt
2015-11-28 19:26 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-28 18:23 - 2013-01-02 12:27 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job
2015-11-28 18:21 - 2015-09-10 08:36 - 00000000 ____D C:\Users\Ich\.p2
2015-11-28 18:21 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\AppData\Local\Eclipse
2015-11-28 18:03 - 2013-11-23 15:42 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-28 16:09 - 2015-02-21 16:13 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{536408FC-A54F-4099-B525-5A19EAC9FC4E}
2015-11-28 15:40 - 2014-05-14 13:48 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 15:39 - 2014-05-30 10:50 - 00000000 ____D C:\AdwCleaner
2015-11-28 15:30 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-28 14:47 - 2012-12-13 17:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3959979219-1793462969-950886862-1002
2015-11-28 14:28 - 2014-05-14 13:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-28 14:27 - 2014-05-14 13:47 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-28 14:27 - 2014-05-14 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-28 14:26 - 2013-02-09 14:18 - 00000000 ____D C:\Users\Ich\AppData\Roaming\AbiSuite
2015-11-28 14:22 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-28 13:54 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\workspace
2015-11-27 21:02 - 2015-10-26 21:23 - 00000327 _____ C:\Users\Ich\Desktop\h.txt
2015-11-27 16:42 - 2014-05-12 17:23 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-26 22:32 - 2013-10-11 15:21 - 00000000 ____D C:\Users\Ich\AppData\Roaming\vlc
2015-11-25 19:42 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-24 22:44 - 2014-03-18 11:03 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 22:44 - 2014-03-18 10:25 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-24 22:44 - 2014-03-18 10:25 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-22 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-21 15:36 - 2014-08-22 14:11 - 00997888 ___SH C:\Users\Ich\Desktop\Thumbs.db
2015-11-21 11:03 - 2012-12-13 18:01 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 09:36 - 2015-09-19 14:22 - 00000000 ____D C:\Users\Ich\Desktop\Musik_Zum_Coden
2015-11-16 21:57 - 2013-03-09 21:57 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-15 22:15 - 2015-09-17 15:38 - 00000000 ____D C:\Users\Ich\Desktop\GhanaS
2015-11-13 18:57 - 2013-08-21 17:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 18:51 - 2012-12-15 12:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 14:13 - 2013-08-22 15:44 - 00377592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-11 09:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-11 08:41 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 08:20 - 2015-08-20 07:57 - 00000000 ____D C:\Program Files\Java
2015-11-11 08:20 - 2013-10-31 08:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-11 08:09 - 2015-08-20 07:38 - 00000000 ____D C:\Users\Ich\.oracle_jre_usage
2015-11-11 01:05 - 2014-08-22 10:57 - 00000000 ____D C:\Users\Ich
2015-11-09 22:33 - 2014-10-30 14:15 - 00165888 ___SH C:\Users\Ich\Downloads\Thumbs.db
2015-11-09 22:32 - 2014-08-22 13:39 - 01906688 ___SH C:\Users\Ich\Documents\Thumbs.db
2015-11-08 13:35 - 2015-09-14 17:08 - 00000251 _____ C:\Users\Ich\Desktop\pawaws.txt
2015-11-07 19:45 - 2015-08-21 17:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-07 19:41 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-07 19:26 - 2015-10-03 20:06 - 00000000 ____D C:\Users\Ich\Documents\Visual Studio 2010
2015-11-07 01:41 - 2014-07-09 09:16 - 00000000 ____D C:\Program Files (x86)\Modifikationen
2015-11-06 16:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-03 01:23 - 2015-03-17 16:54 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-03-17 16:54 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 23:13 - 2015-10-27 14:18 - 00000000 ____D C:\Users\Ich\Documents\lcc
2015-10-31 23:13 - 2015-10-27 14:15 - 00000000 ____D C:\lcc
2015-10-29 20:25 - 2015-10-27 18:23 - 00019821 _____ C:\Users\Ich\Desktop\BHF.mwb.bak

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 07:37 - 2015-08-20 07:37 - 0003244 _____ () C:\Program Files (x86)\COPYRIGHT
2015-08-20 07:37 - 2015-08-20 07:37 - 0000040 _____ () C:\Program Files (x86)\LICENSE
2015-08-20 07:37 - 2015-08-20 07:37 - 0000046 _____ () C:\Program Files (x86)\README.txt
2015-08-20 07:38 - 2015-08-20 07:38 - 0000527 _____ () C:\Program Files (x86)\release
2015-08-20 07:37 - 2015-08-20 07:37 - 0110114 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME-JAVAFX.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0177094 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0000955 _____ () C:\Program Files (x86)\Welcome.html
2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\Ich\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Ich\AppData\Local\No23 Recorder.exe
2013-04-05 14:40 - 2014-02-23 18:18 - 0001467 _____ () C:\Users\Ich\AppData\Local\RecConfig.xml
2012-09-25 17:06 - 2012-09-25 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvuymwf.dll
C:\Users\Ich\AppData\Local\Temp\sqlite3.dll
C:\Users\Ich\AppData\Local\Temp\VP6Install.exe
C:\Users\Ich\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-28 15:21

==================== Ende von FRST.txt ============================
         
Das Problem ist nicht mehr aufgetaucht (:
Ich glaub das wars. Vielen lieben Dank!

Alt 28.11.2015, 19:48   #10
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus



Servus,


wir sind noch nicht fertig, da ist noch Adware auf dem Rechner.

Lies dir bitte meine letzte Anleitung nochmal genau durch und führe FRST richtig aus:


  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    ATTFilter
    wajam;{26D3CCCF-FB28-42B4-89A5-452620F51B14};
             
  • Drücke auf Registry-Suche.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 29.11.2015, 02:21   #11
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Hallo, das hier müsste es sein,
MfG

Code:
ATTFilter
Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Ich (2015-11-29 02:20:03)
Gestartet von C:\Users\Ich\Desktop
Start-Modus: Normal

================== Registry-Suche: "wajam;{26D3CCCF-FB28-42B4-89A5-452620F51B14}" ===========


===================== Suchergebnis für "wajam" ==========

[HKEY_USERS\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Wajam\uninstall.exe"="0x5341435001000000000000000700000028000000608F0500F9CC0500030000000000000000000106000100002EF6C8A3A56ACD010000000000000000010000000400000001000000060000000800000000008000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000008000000000000000800000000000456700000000000002000000010000000000010600000060000080000000000000008000000000005E270000000000000100000000000000"

===================== Suchergebnis für "{26D3CCCF-FB28-42B4-89A5-452620F51B14}" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{224773CA-F2CC-4E38-9F31-3A7A6B3D61E1}]
"Path"="\{26D3CCCF-FB28-42B4-89A5-452620F51B14}"

====== Ende von Suche ======
         

Alt 29.11.2015, 13:04   #12
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus



Servus,




Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
CHR HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-3959979219-1793462969-950886862-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
Task: {224773CA-F2CC-4E38-9F31-3A7A6B3D61E1} - System32\Tasks\{26D3CCCF-FB28-42B4-89A5-452620F51B14} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {34198156-68D7-4791-B722-EE7ECFE62B77} - System32\Tasks\{37606DBC-5BE6-484F-9173-6F62C9E08612} => pcalua.exe -a D:\Install.exe -d D:\
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Ich\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Ich\AppData\Roaming:NT
RemoveProxy:
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 29.11.2015, 18:28   #13
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Hier ist das FixLog

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Ich (2015-11-29 14:39:32) Run:1
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: UpdatusUser & Ich (Verfügbare Profile: UpdatusUser & Ich)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CHR HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-3959979219-1793462969-950886862-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
Task: {224773CA-F2CC-4E38-9F31-3A7A6B3D61E1} - System32\Tasks\{26D3CCCF-FB28-42B4-89A5-452620F51B14} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {34198156-68D7-4791-B722-EE7ECFE62B77} - System32\Tasks\{37606DBC-5BE6-484F-9173-6F62C9E08612} => pcalua.exe -a D:\Install.exe -d D:\
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Ich\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Ich\AppData\Roaming:NT
RemoveProxy:
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
"HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{224773CA-F2CC-4E38-9F31-3A7A6B3D61E1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{224773CA-F2CC-4E38-9F31-3A7A6B3D61E1}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{26D3CCCF-FB28-42B4-89A5-452620F51B14} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26D3CCCF-FB28-42B4-89A5-452620F51B14}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34198156-68D7-4791-B722-EE7ECFE62B77}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34198156-68D7-4791-B722-EE7ECFE62B77}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{37606DBC-5BE6-484F-9173-6F62C9E08612} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37606DBC-5BE6-484F-9173-6F62C9E08612}" => Schlüssel erfolgreich entfernt
C:\ProgramData => ":NT" ADS erfolgreich entfernt.
"C:\Users\All Users" => ":NT" ADS nicht gefunden.
"C:\ProgramData\Anwendungsdaten" => ":NT" ADS nicht gefunden.
"C:\ProgramData\Application Data" => ":NT" ADS nicht gefunden.
C:\ProgramData\MTA San Andreas All => ":NT" ADS erfolgreich entfernt.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS erfolgreich entfernt.
C:\ProgramData\Temp => ":AD022376" ADS erfolgreich entfernt.
"C:\Users\Ich\Anwendungsdaten" => ":NT" ADS nicht gefunden.
C:\Users\Ich\AppData\Roaming => ":NT" ADS erfolgreich entfernt.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========

EmptyTemp: => 2.2 GB temporäre Dateien entfernt.
         
Hitman-Pro

Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.10.251
www.hitmanpro.com

   Computer name . . . . : MEINPC
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : MEINPC\Ich
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-11-29 14:51:32
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 12m 31s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 6

   Objects scanned . . . : 2.581.402
   Files scanned . . . . : 146.852
   Remnants scanned  . . : 1.058.791 files / 1.375.759 keys

Suspicious files ____________________________________________________________

   C:\Users\Ich\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.348.544 bytes
      Age  . . . . . . . : 1.8 days (2015-11-27 19:41:04)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 58BC967E2F963DBA54B4A8B343498C45B37052CC51EC84A03AF9D8AF85CFB69C
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Ich\Desktop\FRST64.exe
      Size . . . . . . . : 2.349.056 bytes
      Age  . . . . . . . : 1.0 days (2015-11-28 15:28:12)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 303916A6226B2FE0A6E7C246718FE8CF8531518871AF56B4125876F4E47BA90F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Ich\Desktop\FRST64.exe
          2.1s C:\Users\Ich\Desktop\FRST-OlderVersion\

   C:\Users\Ich\Desktop\PrivateDokumente-Moothhafuckker\Pokemon Zeta 1.4 (Win)\Pokemon Zeta 1.4 (Win)\gif.dll
      Size . . . . . . . : 32.768 bytes
      Age  . . . . . . . : 548.2 days (2014-05-30 09:13:59)
      Entropy  . . . . . : 5.7
      SHA-256  . . . . . : C388F705424AC6EFE60F9BBA0D6F83F0D9A7F4D8E37513BB51587D3721F25221
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Ich\Desktop\PrivateDokumente-Moothhafuckker\Pokemon Zeta 1.4 (Win)\Pokemon Zeta 1.4 (Win)\rubyscreen.dll
      Size . . . . . . . : 28.160 bytes
      Age  . . . . . . . : 548.2 days (2014-05-30 09:15:40)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 777055E7400B49941CC083F86343C8BB5C8C067021B32435809E87E4BEBE3807
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}\ (Iminent)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}\ (Iminent)
         
Eset:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=de761ba6fcf87f49915c0459247c7d33
# end=init
# utc_time=2015-11-29 02:05:46
# local_time=2015-11-29 03:05:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26958
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=de761ba6fcf87f49915c0459247c7d33
# end=updated
# utc_time=2015-11-29 02:08:16
# local_time=2015-11-29 03:08:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=de761ba6fcf87f49915c0459247c7d33
# engine=26958
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-29 05:09:44
# local_time=2015-11-29 06:09:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 8297093 48905370 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8763721 51173207 0 0
# scanned=468266
# found=21
# cleaned=0
# scan_time=10888
sh=81FBC911F6F39943B5A508257ED317C6A388CA54 ft=1 fh=f881a71255879118 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=6F4FD559E82ECD0E9BF238374A8AE7763D9AF88F ft=1 fh=0fe3e64a55eab364 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=09975ED04166B761DC1CED0B15BAE6D37DCC0560 ft=1 fh=919d2464905062de vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=CC7735B51ACFC778DAFCE7B9C25798C1149059CA ft=1 fh=bdcf262ba56c13e6 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=C2BF9E02AAF8CD61356523AF0425BD4DEEE8A0E8 ft=1 fh=aed2a53e39c1b826 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir"
sh=E07AC00C609A9096EFEDCF5839D77AD91C96BD2D ft=1 fh=a44174895411af10 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir"
sh=6C0CFF21847BEBDC22C8ED1C8A24ED19724D7741 ft=1 fh=91d5fb4f6ab1ad55 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=19D4CD0E4DDB51C3B3A25676F68963807BE1710C ft=1 fh=5c3c9fe0db73a8b4 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir"
sh=3AE79DE1D9A3C56075DB1B53DF9D7880AE03A5F6 ft=1 fh=bd390a3911fc5a39 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=0F00EB8310C851AAD8AE9C7C17EF5F0D81617D3A ft=1 fh=1090c94a8e08b65e vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=8DF50905D446BB48FE2F7AB41C311B36348B3F73 ft=1 fh=912592a930237e15 vn="Win32/Adware.Synatix.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ich\AppData\LocalLow\Internet Explorer BHO\bho.dll.vir"
sh=63B7888AFAD76FDA1C29A207F8944BC6A5488D4C ft=1 fh=27deff491a62c7de vn="Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ich\AppData\Roaming\Hub Timer\hub.exe.vir"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ich\AppData\Roaming\OpenCandy\3019CC90C1954AB3897AA22F52E7AA6F\sp-downloader.exe.vir"
sh=7C620D1FDA9B0BCB94387A0E5AFD2565B2FB5B08 ft=1 fh=0ea7a7a2438ec590 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ich\AppData\Roaming\OpenCandy\3019CC90C1954AB3897AA22F52E7AA6F\Whitesmoke_directN_p1v1.exe.vir"
sh=18F17ABCFC630C0F55E44F5315156F1C9E84AEB2 ft=1 fh=ca0992d7beaa5a1c vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ich\AppData\Roaming\Security Systems\uninstall.exe.vir"
sh=97D215B08CD536A07FE7EECCC7CAE4ED09536D1E ft=1 fh=da5628e57511ab34 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\Java SDK 64 Bit - CHIP-Installer.exe"
sh=54936D5B04D1AB8D76B8180AA0F4449A7DCD0A9C ft=1 fh=ff19306f61dedc45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\OpenArena - CHIP-Installer.exe"
sh=A6B536A38AA8112E0D06A41D360375E18AA9FE18 ft=1 fh=380e918a58a8df85 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
sh=E7097D471338062C0218A6A829DCD0C32CE0E021 ft=1 fh=e8c7e5092cd06f7a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\VirtualBox - CHIP-Installer.exe"
sh=C82EC3D9730BB20657770E09D4A2B9AEBCD7CABE ft=1 fh=200fcaf440c751c4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\Visual C 2010 Express - CHIP-Installer.exe"
sh=B394D61454BCE7676B401555E7F20E5E1EA41913 ft=1 fh=e04dfb520e0e5833 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\XAMPP - CHIP-Installer.exe"
         
FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
durchgeführt von Ich (Administrator) auf MEINPC (29-11-2015 18:23:50)
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: UpdatusUser & Ich (Verfügbare Profile: UpdatusUser & Ich)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3959979219-1793462969-950886862-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Ich\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Google Update] => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515584 2015-11-17] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-03]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-03-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B04F56E-A692-425A-A59D-4E154188ECB6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://acer13.msn.com
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-12] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-12] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default
FF DefaultSearchEngine: Ecosia
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Bing (Microsoft)
FF SelectedSearchEngine: Ecosia
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2013-11-23] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-11-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3959979219-1793462969-950886862-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\ecosia.xml [2015-10-16]
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\searchplugins\startpage---deutsch.xml [2015-09-26]
FF Extension: Battlefield Heroes Updater - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\extensions\battlefieldheroespatcher@ea.com [2014-05-13] [ist nicht signiert]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12] [ist nicht signiert]
FF Extension: ProxTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-04-15] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\4uaxz8l9.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Shockwave Flash) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ich\AppData\Local\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Ich\AppData\Roaming\Mozilla\plugins\npo1d.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Ich\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL => Keine Datei
CHR Profile: C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-09-26]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (Battlefield Heroes) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-06-09]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-07]
CHR Extension: (Skype Click to Call) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Amazon) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ich\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-02] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-28] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-25] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-12] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-25] (Dritek System Inc.)
S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [Datei ist nicht signiert]
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [268288 2014-03-18] (Microsoft Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-29 18:23 - 2015-11-29 18:24 - 00032025 _____ C:\Users\Ich\Desktop\FRST.txt
2015-11-29 15:05 - 2015-11-29 15:05 - 02870984 _____ (ESET) C:\Users\Ich\Desktop\esetsmartinstaller_deu.exe
2015-11-29 15:05 - 2015-11-29 15:05 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-29 14:50 - 2015-11-29 15:04 - 00000000 ____D C:\ProgramData\HitmanPro
2015-11-29 14:49 - 2015-11-29 14:50 - 11337112 _____ (SurfRight B.V.) C:\Users\Ich\Desktop\HitmanPro_x64.exe
2015-11-29 14:39 - 2015-11-29 14:42 - 00005051 _____ C:\Users\Ich\Desktop\Fixlog.txt
2015-11-29 02:20 - 2015-11-29 02:20 - 00001229 _____ C:\Users\Ich\Desktop\Search.txt
2015-11-28 15:42 - 2015-11-28 15:42 - 00001522 _____ C:\Users\Ich\Desktop\mbam.txt
2015-11-28 15:28 - 2015-11-28 15:28 - 00000000 ____D C:\Users\Ich\Desktop\FRST-OlderVersion
2015-11-28 15:20 - 2015-11-28 15:20 - 00000757 _____ C:\Users\Ich\Desktop\JRT.txt
2015-11-28 15:12 - 2015-11-28 15:12 - 01599336 _____ (Malwarebytes) C:\Users\Ich\Desktop\JRT.exe
2015-11-28 14:27 - 2015-11-28 14:27 - 22908888 _____ (Malwarebytes ) C:\Users\Ich\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-28 14:15 - 2015-11-28 14:15 - 01733632 _____ C:\Users\Ich\Desktop\AdwCleaner_5.022.exe
2015-11-27 19:55 - 2015-11-27 20:30 - 00245158 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_19.55.24_log.txt
2015-11-27 19:42 - 2015-11-29 18:23 - 00000000 ____D C:\FRST
2015-11-27 19:41 - 2015-11-28 15:28 - 02349056 _____ (Farbar) C:\Users\Ich\Desktop\FRST64.exe
2015-11-27 19:41 - 2015-11-27 19:41 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Ich\Desktop\tdsskiller.exe
2015-11-26 16:49 - 2015-11-26 16:49 - 00352398 _____ C:\Users\Ich\Downloads\S35C-115112610570.pdf
2015-11-25 22:32 - 2015-11-29 00:40 - 00000000 ____D C:\Users\Ich\Desktop\Javaprogrammierung
2015-11-24 22:19 - 2015-11-24 22:23 - 00000000 ____D C:\Users\Ich\Desktop\JavDoc
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\UpdatusUser\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00002018 _____ C:\Users\Ich\Desktop\Gothic Multiplayer.lnk
2015-11-20 23:38 - 2015-11-20 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
2015-11-20 23:37 - 2015-11-20 23:37 - 05152599 _____ C:\Users\Ich\Downloads\gmp.exe
2015-11-17 18:16 - 2015-11-17 18:16 - 00104217 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_05.pdf
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 21:57 - 2015-11-16 21:57 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-16 00:14 - 2015-11-16 00:14 - 00009334 _____ C:\Users\Ich\Desktop\sakila_statements.sql
2015-11-12 19:12 - 2015-11-12 19:12 - 15897561 _____ C:\Users\Ich\Desktop\Unit_03.pdf
2015-11-11 08:50 - 2015-11-11 08:50 - 00000809 _____ C:\Users\Ich\Desktop\eclipse.exe - Verknüpfung.lnk
2015-11-11 08:42 - 2015-11-11 08:42 - 00000000 ____D C:\Users\Ich\Desktop\eclipse-jee-mars-1-win32-x86_64
2015-11-11 08:41 - 2015-11-11 08:42 - 288024166 _____ C:\Users\Ich\Downloads\eclipse-jee-mars-1-win32-x86_64.zip
2015-11-11 08:20 - 2015-11-11 08:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-11-11 08:19 - 2015-11-11 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-11 08:07 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 08:07 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 08:07 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 08:07 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 08:07 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 08:07 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 08:07 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 08:07 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 08:07 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 08:07 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 08:07 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 08:07 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 08:07 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 08:07 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 08:07 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 08:07 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 08:07 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 08:07 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 08:07 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 08:07 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 08:07 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 08:07 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 08:07 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 08:07 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 08:07 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 08:07 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 08:07 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 08:07 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 08:07 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 08:07 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 08:07 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 08:07 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 08:07 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 08:07 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 08:07 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 08:07 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 08:07 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 08:07 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 08:07 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 08:07 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 08:07 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 08:07 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 08:07 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 08:07 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 08:07 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 08:07 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 08:07 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 08:07 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 08:07 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 08:07 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 08:07 - 2014-10-29 02:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-11-11 08:07 - 2014-10-29 01:40 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2015-11-11 08:07 - 2014-10-29 01:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2015-11-11 08:06 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 08:06 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 08:06 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 08:06 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 08:06 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:06 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 08:06 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-11 01:05 - 2015-11-11 01:05 - 00000000 _____ C:\Users\Ich\where
2015-11-11 01:01 - 2015-11-11 01:01 - 00005689 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jdk-8u60-windows-x64.lnk
2015-11-09 21:04 - 2015-11-09 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-09 18:38 - 2015-11-09 18:38 - 01255099 _____ C:\Users\Ich\Desktop\M1-KIMESAINF-stud.pdf
2015-11-08 16:32 - 2015-07-28 02:09 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:09 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-11-08 16:32 - 2015-07-28 02:08 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-11-07 19:43 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-11-07 19:43 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-11-07 19:40 - 2015-11-07 19:40 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-11-07 19:39 - 2015-11-07 19:39 - 02987408 _____ (Microsoft Corporation) C:\Users\Ich\Downloads\wdexpress_full.exe
2015-11-07 19:25 - 2015-11-07 19:25 - 05633578 _____ C:\Users\Ich\Downloads\guc2081(1).zip
2015-11-07 19:25 - 2015-11-07 19:25 - 00000000 ____D C:\Users\Ich\Desktop\guc2081(1)
2015-11-07 11:46 - 2015-11-07 11:46 - 00001764 _____ C:\Users\Ich\Desktop\GO_Launcher.exe - Verknüpfung.lnk
2015-11-07 01:38 - 2015-11-07 01:38 - 00000000 ____D C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32
2015-11-07 01:36 - 2015-11-07 01:36 - 00001259 _____ C:\Users\Ich\Desktop\Gothic 2 Online.lnk
2015-11-07 01:31 - 2015-11-07 01:31 - 02021388 _____ C:\Users\Ich\Desktop\Gothic Online 0.1b dev 5 Server for Win32.zip
2015-11-07 01:30 - 2015-11-07 01:30 - 11741448 _____ (GO Team ) C:\Users\Ich\Desktop\G2O_021015.exe
2015-11-06 17:00 - 2015-11-06 17:00 - 00003184 _____ C:\Users\Ich\Desktop\NUMMERN.abw
2015-11-04 14:57 - 2015-11-08 19:26 - 00000000 ____D C:\Users\Ich\Desktop\sakila-db
2015-11-04 14:57 - 2015-11-04 14:58 - 00000000 ____D C:\Users\Ich\Downloads\sakila-db
2015-11-04 14:57 - 2015-11-04 14:57 - 00741576 _____ C:\Users\Ich\Downloads\sakila-db.zip
2015-11-04 14:57 - 2015-11-04 14:57 - 00092038 _____ C:\Users\Ich\Downloads\FHL_WS15_DBPra_04.pdf
2015-11-04 12:14 - 2015-11-04 12:14 - 00088968 _____ C:\Users\Ich\Downloads\uebungen_2.pdf
2015-11-02 17:55 - 2015-11-29 14:47 - 00001246 _____ C:\Users\Ich\Desktop\Dropbox.lnk
2015-11-02 17:55 - 2015-11-29 14:47 - 00000000 ___RD C:\Users\Ich\Dropbox
2015-11-02 17:52 - 2015-11-29 17:57 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-02 17:52 - 2015-11-29 17:57 - 00001218 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 17:52 - 2015-11-09 21:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00004194 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-11-02 17:52 - 2015-11-02 17:52 - 00003958 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\Users\Ich\AppData\Local\Dropbox
2015-11-02 17:52 - 2015-11-02 17:52 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-02 17:51 - 2015-11-02 17:51 - 00660960 _____ (Dropbox, Inc.) C:\Users\Ich\Downloads\DropboxInstaller.exe
2015-11-02 17:04 - 2015-11-02 17:23 - 00001195 _____ C:\Users\Ich\Desktop\sfmlAPI.txt
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini
2015-11-01 11:34 - 2015-11-01 11:34 - 10892026 _____ C:\Users\Ich\Downloads\SFML-2.1-windows-vc10-32bits.zip
2015-11-01 11:34 - 2015-11-01 11:34 - 00000000 ____D C:\Users\Ich\Desktop\SFML-2.1-windows-vc10-32bits
2015-11-01 10:11 - 2015-11-01 10:11 - 00034914 _____ C:\Users\Ich\Downloads\GOL.rar
2015-11-01 10:11 - 2015-11-01 10:11 - 00000000 ____D C:\Users\Ich\Downloads\GOL
2015-10-31 21:11 - 2015-10-31 21:11 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:11 - 00000000 ____D C:\Program Files (x86)\Smokin' Guns
2015-10-31 21:10 - 2015-10-31 21:10 - 00001061 _____ C:\Users\Public\Desktop\Smokin' Guns.lnk
2015-10-31 21:10 - 2015-10-31 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smokin' Guns
2015-10-31 21:07 - 2015-10-31 21:09 - 409494295 _____ (Smokin' Guns Productions ) C:\Users\Ich\Downloads\Smokin_Guns_1.1.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-29 18:23 - 2013-01-02 12:27 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job
2015-11-29 18:10 - 2012-12-13 18:01 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Skype
2015-11-29 18:03 - 2013-11-23 15:42 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-29 17:52 - 2015-02-21 16:13 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{536408FC-A54F-4099-B525-5A19EAC9FC4E}
2015-11-29 14:49 - 2014-08-22 12:11 - 00000000 ___DO C:\Users\Ich\OneDrive
2015-11-29 14:47 - 2014-05-12 17:34 - 00000000 ____D C:\Users\Ich\AppData\Roaming\Dropbox
2015-11-29 14:46 - 2014-08-22 14:11 - 00997888 ___SH C:\Users\Ich\Desktop\Thumbs.db
2015-11-29 14:46 - 2014-05-12 17:23 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-29 14:44 - 2015-09-09 17:12 - 00000091 _____ C:\HaxLogs.txt
2015-11-29 14:44 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-29 14:43 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-29 11:07 - 2015-09-10 08:36 - 00000000 ____D C:\Users\Ich\.p2
2015-11-29 11:07 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\AppData\Local\Eclipse
2015-11-28 15:40 - 2014-05-14 13:48 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 15:39 - 2014-05-30 10:50 - 00000000 ____D C:\AdwCleaner
2015-11-28 15:30 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-28 14:47 - 2012-12-13 17:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3959979219-1793462969-950886862-1002
2015-11-28 14:28 - 2014-05-14 13:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-28 14:27 - 2014-05-14 13:47 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-28 14:27 - 2014-05-14 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-28 14:26 - 2013-02-09 14:18 - 00000000 ____D C:\Users\Ich\AppData\Roaming\AbiSuite
2015-11-28 13:54 - 2015-08-20 12:14 - 00000000 ____D C:\Users\Ich\workspace
2015-11-27 21:02 - 2015-10-26 21:23 - 00000327 _____ C:\Users\Ich\Desktop\h.txt
2015-11-26 22:32 - 2013-10-11 15:21 - 00000000 ____D C:\Users\Ich\AppData\Roaming\vlc
2015-11-25 19:42 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-24 22:44 - 2014-03-18 11:03 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 22:44 - 2014-03-18 10:25 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-24 22:44 - 2014-03-18 10:25 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-22 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-21 11:03 - 2012-12-13 18:01 - 00000000 ____D C:\ProgramData\Skype
2015-11-20 09:36 - 2015-09-19 14:22 - 00000000 ____D C:\Users\Ich\Desktop\Musik_Zum_Coden
2015-11-16 21:57 - 2013-03-09 21:57 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-15 22:15 - 2015-09-17 15:38 - 00000000 ____D C:\Users\Ich\Desktop\GhanaS
2015-11-13 18:57 - 2013-08-21 17:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 18:51 - 2012-12-15 12:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 14:13 - 2013-08-22 15:44 - 00377592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-11 09:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-11 08:41 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 08:20 - 2015-08-20 07:57 - 00000000 ____D C:\Program Files\Java
2015-11-11 08:20 - 2013-10-31 08:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-11 08:09 - 2015-08-20 07:38 - 00000000 ____D C:\Users\Ich\.oracle_jre_usage
2015-11-11 01:05 - 2014-08-22 10:57 - 00000000 ____D C:\Users\Ich
2015-11-09 22:33 - 2014-10-30 14:15 - 00165888 ___SH C:\Users\Ich\Downloads\Thumbs.db
2015-11-09 22:32 - 2014-08-22 13:39 - 01906688 ___SH C:\Users\Ich\Documents\Thumbs.db
2015-11-08 13:35 - 2015-09-14 17:08 - 00000251 _____ C:\Users\Ich\Desktop\pawaws.txt
2015-11-07 19:45 - 2015-08-21 17:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-07 19:41 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-07 19:26 - 2015-10-03 20:06 - 00000000 ____D C:\Users\Ich\Documents\Visual Studio 2010
2015-11-07 01:41 - 2014-07-09 09:16 - 00000000 ____D C:\Program Files (x86)\Modifikationen
2015-11-06 16:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-03 01:23 - 2015-03-17 16:54 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-03-17 16:54 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 23:13 - 2015-10-27 14:18 - 00000000 ____D C:\Users\Ich\Documents\lcc
2015-10-31 23:13 - 2015-10-27 14:15 - 00000000 ____D C:\lcc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 07:37 - 2015-08-20 07:37 - 0003244 _____ () C:\Program Files (x86)\COPYRIGHT
2015-08-20 07:37 - 2015-08-20 07:37 - 0000040 _____ () C:\Program Files (x86)\LICENSE
2015-08-20 07:37 - 2015-08-20 07:37 - 0000046 _____ () C:\Program Files (x86)\README.txt
2015-08-20 07:38 - 2015-08-20 07:38 - 0000527 _____ () C:\Program Files (x86)\release
2015-08-20 07:37 - 2015-08-20 07:37 - 0110114 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME-JAVAFX.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0177094 _____ () C:\Program Files (x86)\THIRDPARTYLICENSEREADME.txt
2015-08-20 07:37 - 2015-08-20 07:37 - 0000955 _____ () C:\Program Files (x86)\Welcome.html
2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\Ich\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\Ich\AppData\Local\CDRip.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Ich\AppData\Local\No23 Recorder.exe
2013-04-05 14:40 - 2014-02-23 18:18 - 0001467 _____ () C:\Users\Ich\AppData\Local\RecConfig.xml
2012-09-25 17:06 - 2012-09-25 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjept4j.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-29 11:53

==================== Ende von FRST.txt ============================
         

Alt 29.11.2015, 18:31   #14
xJohnDoe
 
watch4 virus - Standard

watch4 virus



Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Ich (2015-11-29 18:24:57)
Gestartet von C:\Users\Ich\Desktop
Windows 8.1 (X64) (2014-08-22 11:08:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3959979219-1793462969-950886862-500 - Administrator - Disabled)
Gast (S-1-5-21-3959979219-1793462969-950886862-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3959979219-1793462969-950886862-1004 - Limited - Enabled)
Ich (S-1-5-21-3959979219-1793462969-950886862-1002 - Administrator - Enabled) => C:\Users\Ich
UpdatusUser (S-1-5-21-3959979219-1793462969-950886862-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

0 A.D. (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\0 A.D.) (Version: r15148P-alpha - Wildfire Games)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{BFBC6337-B7B9-4AEE-BC19-CA910EED755D}) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.110 - Alps Electric)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Aus dem Leben eines Diebes (HKLM-x32\...\Aus dem Leben eines Diebes) (Version: 1.1 - Team K)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avatar - Legends of The Arena (HKLM-x32\...\{E02C0C32-1103-42E3-B2B3-1630675B778C}) (Version: 1.03.0008 - NickOnline)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Battlefield Heroes (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Play4Free (Ich) (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bauernleben (HKLM-x32\...\Bauernleben) (Version: 1.0 - Orcjäger)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Die Rückkehr (HKLM-x32\...\Die Rückkehr) (Version: 1.0 - Übersetzer-Team Lonewulf & Co)
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version:  - )
Gothic 2 Gold (HKLM-x32\...\{40FE74B5-71A1-4393-A0AB-21D6E1DA5A66}) (Version: 1.0.0 - JoWood)
Gothic 2 Online - 0.1b dev 5 (HKLM-x32\...\Gothic 2 Online - 0.1b dev 5) (Version: 0.1b dev 5 - GO Team)
Gothic II - Modification Development Kit (HKLM-x32\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic Multiplayer (HKLM-x32\...\Gothic Multiplayer) (Version: 0.1.11.0 - Gothic Multiplayer Team)
GOTHIC2 ADDON - 'Odyssey — on behalf of the King' (HKLM-x32\...\GOTHIC2 ADDON - 'Odyssey — on behalf of the King') (Version: 1.3 - World of Gothic DE - Community © 2015)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version:  - Free Lunch Design)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kinovea (HKLM-x32\...\Kinovea) (Version: 0.8.15 - Kinovea)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
lcc-win32 version 3.2 (base system) (HKLM-x32\...\lcc-win32 (base system)_is1) (Version:  - Logiciels/Informatique, Jacob Navia)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legend of Ahssûn (HKLM-x32\...\Legend of Ahssûn) (Version: 1.0 - LoA-Team)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.226.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Moorhuhn Wanted XS (HKLM-x32\...\{3F0DD9B2-A9F2-4D67-B6A1-E4864CBF2E61}) (Version:  - )
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
MySQL Workbench 6.3 CE (HKLM\...\{40AFAA5A-72EE-45A7-B8D2-CC7E08C9370B}) (Version: 6.3.4 - Oracle Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Odyssee_Speech 1.0 (HKLM-x32\...\Odyssee_Speech) (Version: 1.0 - OdysseeModTeam)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenCity 0.0.6.2 stable (HKLM-x32\...\OpenCity 0.0.6.2 stable_is1) (Version: OpenCity 0.0.6.2 stable - Duong Khang NGUYEN)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Regnum Online 1.6.2 (HKLM-x32\...\Regnum Online) (Version: 1.6.2 - NGD Studios)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Smokin' Guns version 1.1 (HKLM-x32\...\{C0F2B168-5C5C-4B55-B76E-035813CC559E}_is1) (Version: 1.1 - Smokin' Guns Productions)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Stampfer 0.5.0.2 (HKLM-x32\...\Stampfer) (Version: 0.5.0.2 - Sumpfkrautjunkie)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.8 - fCoder Group, Inc.)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ich\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3959979219-1793462969-950886862-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ich\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

14-11-2015 14:12:47 Windows Update
17-11-2015 19:07:17 Windows Update
20-11-2015 20:45:10 Windows Update
27-11-2015 21:17:51 Windows Update
28-11-2015 15:14:53 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 06:26 - 2015-11-16 21:57 - 00000061 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.1	mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B30BD9-A60E-43E4-9273-76F3E28834C5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {08EB8921-4663-4DD2-8C4C-A4BA04543BDE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {14238981-97D8-48A3-A470-248B76FCC63A} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {2A5FC1F1-0921-44C0-B14F-98AC6F4C6D66} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {300F13DF-70AE-4CEC-95B2-ABC1DDFB0496} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {446DCAE7-347F-458F-83BC-0112B0E51013} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {50378902-5F20-4B11-B489-7084968D689E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {55C8B2C7-54CA-4684-AB39-C68FF8EC8D04} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {57EE0DA7-B5F8-4B19-8E61-D2BA98C89CC4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {5A711C3C-3F08-4E75-BC40-010D226DF220} - System32\Tasks\Amazon Music Helper => C:\Users\Ich\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {663C69D9-37B0-4ACA-82AB-5E6E7023FCAB} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {769D7839-DBBD-4780-B6AB-35E7889522E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F3747FF-4F3F-43E1-8966-0F972453AD6C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {9FB2D80F-9B30-4E43-90EB-2B0254138EFD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-08-25] (AVAST Software)
Task: {B75AE49F-3F94-45E5-9D3B-D12B4A24E397} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {D2807B6A-0559-46B6-AC6D-645EEFA1D46B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {D2F6DCFD-8A44-45F5-8537-2399B536DCBC} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {D53B1135-166E-4811-B4BA-D404A574A094} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-02] (Dropbox, Inc.)
Task: {D7275FA9-3B5F-432C-9645-0727E82CD148} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D72AC33D-F527-4D8B-B931-1368F9D03636} - System32\Tasks\{B3FE6AA6-379C-4AAD-B9EB-B83FDFA9FF8C} => pcalua.exe -a "C:\Program Files (x86)\Stampfer\Stampfer.exe" -d "C:\Program Files (x86)\Stampfer"
Task: {DE58430C-7C63-411E-904D-6F9D85FF2A5E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {F49CB3C1-1222-4D71-AC3A-C7122CE4093D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-23] (Adobe Systems Incorporated)
Task: {F891D15F-9900-4A20-BBB9-884E1134737A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FC3A0CB9-6EBB-45AB-9BC9-D30BE87CF807} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002Core.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3959979219-1793462969-950886862-1002UA.job => C:\Users\Ich\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha\Open logs folder.lnk -> C:\Users\Ich\AppData\Local\0 A.D. alpha\OpenLogsFolder.bat () <==== ACHTUNG

ShortcutWithArgument: C:\Users\Public\Desktop\Online kaufen.lnk -> C:\Program Files\Accessory Store\StartURL.exe () -> hxxp://go.acer.com/?id=13400 <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-01-23 15:46 - 2014-08-28 18:21 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-08-22 23:04 - 2012-08-22 23:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 23:04 - 2012-08-22 23:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-10 17:28 - 2012-08-10 17:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2015-11-29 10:58 - 2015-11-29 10:58 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15112900\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-05-10 17:56 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-05-10 17:56 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-05-10 17:56 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-10 17:56 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-11-14 03:30 - 2015-11-14 03:30 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2014-05-12 17:21 - 2014-05-12 17:21 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-29 14:46 - 2015-11-29 14:46 - 00071168 _____ () c:\users\ich\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjept4j.dll
2015-11-02 17:53 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-11-02 17:53 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-02 17:53 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-02 17:53 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-07-31 15:02 - 2014-07-31 15:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-09-25 17:10 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3959979219-1793462969-950886862-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Floating Tools"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-3959979219-1793462969-950886862-1002\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{217A4FF2-831B-485D-80A1-AD353E2E9AF2}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{2E60A8CC-853B-4605-B23F-95D1FC456CD7}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{74983DAD-AD10-41EE-96F9-FFEA9D35784B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [TCP Query User{AA841A9B-D954-4793-8AB3-37154E86910B}C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\server 0.1a r-9 windows\server_gmp.exe
FirewallRules: [UDP Query User{77EA9650-3F65-4E2D-9FF0-5F8D231EF942}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [TCP Query User{48920CE1-4D84-4A85-88DE-23775DF8DA70}C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe] => (Allow) C:\program files (x86)\modding\gothic ii gold\_work\tools\zspy\zspy.exe
FirewallRules: [{9A4355B3-C21D-4D24-8E79-C5EB075F45C3}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{BC1F1CFD-D70C-4008-ADE6-4F23AB108F0A}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{4A8288D1-AE3C-40AE-BBF7-FD33C1F9CC75}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{CFE6DAAD-3DA4-4C65-9AC0-2713A67CC1C7}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{61E529E2-39C7-42F9-87F4-FD4ACE565287}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C825F568-EDEA-499B-BAF2-A3F0F3D6E020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ED3E2633-5EE8-46C1-A56D-C6162B5C85C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0944A773-922D-4C07-A564-AAA0E45440C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91B80A1A-503E-4222-99DA-083B853C50B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A301FD69-22FE-4388-80D4-1E99A962C2E3}] => (Allow) LPort=1900
FirewallRules: [{4497760E-5805-4311-B36B-B773377B2AAA}] => (Allow) LPort=2869
FirewallRules: [{D1E6D330-88D1-4A16-85B7-A1EECA09458C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1ADF29A0-8D11-419E-882F-0E12666DBF54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0187286E-65D9-43C7-A1B5-82DC942214F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA9B6E10-2E97-4B21-B628-1E89D8067CE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{65866DEF-264A-418E-A10A-25BA02DC9B3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{31244750-0EFC-4081-A2C7-9B7158AE29B3}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{61B57827-1B9C-4511-BB18-10DD2B2B5FB2}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{FCEBC343-3E78-42B5-AFE8-C12953F49519}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{DAA1509A-D454-4195-A66B-2C881CC64A5C}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{FBFA7237-007B-413F-BD56-F35C125CDE60}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A359FE8B-2B2F-45B1-9F64-0688CA45F9CA}] => (Allow) C:\Users\Ich\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{4DA81EDE-CD04-4F1D-BADC-7257AE6D71B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4F4E93DE-8FEC-427A-855F-3CFB13512C9A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{03CF7716-962C-41F3-9C25-DC2935F5E7C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C30F28AF-396F-4154-8A1E-77B2FAE527E3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9718CAED-3B3C-4FA6-9F61-C5C7413E4932}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0BD2D6BC-5AEB-47E5-B27F-8DE4D4501887}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0FA7FADC-CC2B-4387-8857-20B7EE160120}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CD0C8C9D-D154-48DC-8074-C6E6B1DB824F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{E4A60ED4-19F3-4292-905A-E26AC33F983E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{BBD1A6A2-43E1-4F10-9F8F-930673F2024E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A9051570-0B3C-4D2B-8572-A3CC55B202E4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7A4494AE-F92A-4CD0-9690-B52330F39142}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{2CD3B7DF-15B6-46A9-A3C6-E99F5C49000D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{AA864CF5-25C5-4094-A2E4-19F0596D3F00}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4578D12F-925A-4A61-AAF6-E6CC7C5774B0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C26E9432-6C9E-46B0-9751-AFB7982CC52A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{882F4811-DF5A-45C0-B2ED-6C95BF90F203}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{188237BE-78DB-4D72-94AC-2B082EFE447A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{262C27E2-B2E9-4B73-90CF-AF14B428EBFE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C2F61F32-2F48-49A3-A368-479F2A3E1B77}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C44F4001-5117-4E3F-972D-06FD998E2275}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{554A9B34-A045-4F77-8BBF-31B886DF4369}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{22CD2F9A-7FF3-4EDC-9339-DCDB0B172F41}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{93BD9022-6E92-464D-8012-EE641AC38482}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BDFB01D8-2445-404F-AF9B-A89C22180E3B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E946CC2B-277D-4840-9AE4-193BFB5378E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9EC5F6FD-94DA-48C6-80EF-F3CFB57BAC21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{882CD626-BE74-450B-8DB8-ABCB175ECC6B}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{1141E08A-B283-48DD-94E7-9101F7B349E3}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [TCP Query User{E8B49ED1-B073-431D-B0B5-127D62774812}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [UDP Query User{6321E5F2-BAC4-4A53-9885-5190A44A4D64}C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe] => (Block) C:\users\ich\desktop\eclipse-jee-juno-win32-x86_64\eclipse\eclipse.exe
FirewallRules: [TCP Query User{4DC18B49-EE78-4408-9FAA-CBD605A729F4}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{AA7A3386-4973-4DC7-A546-260416C2D522}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{4ABEE83A-C9E8-4522-BC49-326DC178AFBC}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{5952A740-2F1D-4B5A-9AD5-8F21283750C0}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{BF036C93-96C2-4EF5-AC71-A0626B302854}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{D267E2F9-6BD5-4F21-B6B7-1EB525861E08}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{C120493B-FC9A-4807-A24A-05DBB28B8D5B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{04170A94-9352-4608-B292-FB1C70EC6F35}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A1455A5F-20C2-4076-ACD8-18CEBD4DE245}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{293918FA-85A1-4940-B2BF-102891A928AB}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{B39A3E76-2E11-4304-AAEE-F98C24DC3492}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [UDP Query User{8285040D-0205-4D32-B7EA-F3E327A14404}C:\users\ich\desktop\r10\server_windows\server_gmp.exe] => (Allow) C:\users\ich\desktop\r10\server_windows\server_gmp.exe
FirewallRules: [TCP Query User{BDC047C4-A655-4715-846A-3D13E484E818}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [UDP Query User{CB18137B-F009-4B02-A2B2-FFDBE1041F68}C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe] => (Allow) C:\users\ich\downloads\openarena-0.8.8\openarena-0.8.8\openarena.exe
FirewallRules: [TCP Query User{CA797B9D-E490-4407-AA83-1F4A361272F3}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [UDP Query User{E48B6664-D55D-4E27-9C1A-2DF1781ED398}C:\program files (x86)\smokin' guns\smokinguns.exe] => (Allow) C:\program files (x86)\smokin' guns\smokinguns.exe
FirewallRules: [TCP Query User{592AAFB5-D09A-4903-A329-5FB8B9976FEE}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [UDP Query User{7854E905-15F5-4B51-ACE6-8F238E3EE535}C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe] => (Allow) C:\users\ich\desktop\gothic online 0.1b dev 5 server for win32\gothic online 0.1b dev 5 server for win32\g2o_server.exe
FirewallRules: [{EC2A25FF-87E3-4372-A5BD-5111B1A8E69C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/29/2015 06:16:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/29/2015 03:05:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (11/28/2015 03:39:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.022.exe, Version 5.0.2.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9d4

Startzeit: 01d129ea3b1ea3d0

Endzeit: 4294967295

Anwendungspfad: C:\Users\Ich\Desktop\AdwCleaner_5.022.exe

Berichts-ID: e0bb7517-95dd-11e5-87e5-4c72b9cc84ec

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/28/2015 02:18:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.022.exe, Version 5.0.2.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1eb0

Startzeit: 01d129dee58bb8e8

Endzeit: 4294967295

Anwendungspfad: C:\Users\Ich\Desktop\AdwCleaner_5.022.exe

Berichts-ID: 7dea99be-95d2-11e5-87e3-4c72b9cc84ec

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/27/2015 11:41:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x184c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


Systemfehler:
=============
Error: (11/29/2015 05:23:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/29/2015 03:14:01 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x6000000035913. Der Name der Datei ist "\Windows\System32\config". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ROOT". Der Block des beschädigten Indexes befindet sich in VCN 0xffffffffffffffff, LCN 0xffffffffffffffff.  Die Beschädigung beginnt beim Offset 480 im Indexblock.

Error: (11/29/2015 03:08:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/29/2015 03:08:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/29/2015 03:08:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/29/2015 03:08:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/29/2015 03:06:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/29/2015 03:06:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ich\AppData\Local\Temp\ehdrv.sys

Error: (11/29/2015 03:06:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/29/2015 03:06:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ich\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2014-05-13 16:08:49.254
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8010.27 MB
Verfügbarer physikalischer RAM: 4028.01 MB
Summe virtueller Speicher: 9290.27 MB
Verfügbarer virtueller Speicher: 4831.82 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:549.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D06C910E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
MfG
John

Alt 29.11.2015, 21:41   #15
M-K-D-B
/// TB-Ausbilder
 
watch4 virus - Standard

watch4 virus




Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?







Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Users\Ich\Downloads\*CHIP-Installer.exe
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Reboot:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!





Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall CCleaner.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
zu deinstallieren.

Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.





Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.


Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 
 



Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.



Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .



Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.



Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu watch4 virus
dahinter, einfach, entdeck, entdeckt, frage, fragen, heute, pup.optional.downloader, pup.optional.opencandy, pup.optional.zulu, schei, schonmal, seite, seltsames, seltsames verhalten, verhalten, virus, watch, watch4, watch4 virus



Ähnliche Themen: watch4 virus


  1. Windows 10: Watch4 Seite öffnet sich von alleine
    Log-Analyse und Auswertung - 28.11.2015 (24)
  2. Windows 10 / Google Chrome: watch4.de öffnet sich von selbst
    Plagegeister aller Art und deren Bekämpfung - 13.11.2015 (1)
  3. Windows 10 - watch4.de wird automatisch in Firefox geöffnet
    Log-Analyse und Auswertung - 06.11.2015 (12)
  4. Watch4 öffnet sich von alleine
    Plagegeister aller Art und deren Bekämpfung - 04.11.2015 (7)
  5. Windows 10: Watch4 öffnet sich einfach so. Gmer Error.
    Log-Analyse und Auswertung - 23.10.2015 (16)
  6. Watch4.tv - Werbung - Adware vermutet
    Plagegeister aller Art und deren Bekämpfung - 19.10.2015 (10)
  7. Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 11.10.2015 (13)
  8. Watch4.de öffnet sich einfach. Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 10.10.2015 (5)
  9. Die Seite Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 30.09.2015 (7)
  10. Windows 10: Chrome-Browser öffnet eigenständig Seite von Watch4.de
    Log-Analyse und Auswertung - 28.09.2015 (5)
  11. Die Seite Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 21.09.2015 (12)
  12. Mein Computer öffnet in der Nacht Seiten von Watch4 (von alleine und in massen)
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (7)
  13. Virus versenden; virus angriff; virus schützen; rache;
    Log-Analyse und Auswertung - 06.12.2010 (10)
  14. AVG Anti Virus free meldet Virus PSW.Generic7.BWMP, Virus läßt sich nicht beseitigen
    Plagegeister aller Art und deren Bekämpfung - 30.10.2010 (21)

Zum Thema watch4 virus - Hallo, ich habe heute ein seltsames Verhalten meines PC's entdeckt, bei dem es einfach die Seite watch4 geöffnet hatte. Ich habs schonmal gegoogelt und es scheint echt ein Virus dahinter - watch4 virus...
Archiv
Du betrachtest: watch4 virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.