Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.12.2015, 14:55   #1
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Hallo,
gestern Abend habe ich einen Emailanhang "doc_fGDepjgooT.zip" heruntergeladen und die darin enthaltene Datei "doc.js" entpackt und angeklickt.
Da der Absender ein Familienmitglied war hab ich das so nebenbei einfach leichtsinnig gemacht, schön blöd...
Avira hat sich sofort gemeldet, Malwarebytes Anti-Malware findet nichts, was soll ich nun tun?
Hier die Logs:

Code:
ATTFilter
12.12.2015 00:33 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update Free"
      wurde erfolgreich gestartet.

12.12.2015 00:30 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\****\AppData\Local\Temp\125104.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen4 (Cloud)' 
      [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5e80fda0.qua' 
      verschoben!

12.12.2015 00:30 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	888
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	1
      Anzahl Warnungen:	0

12.12.2015 00:30 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\****\AppData\Local\Temp\125104.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen4 (Cloud)' 
      [TR/Crypt.XPACK.Gen4] gefunden.
      Ausgeführte Aktion: Zugriff verweigern
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015
durchgeführt von **** (Administrator) auf PC**** (12-12-2015 14:13:26)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** &  (Verfügbare Profile: ****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: {812851b0-e5e5-11e1-bcc7-80c16eed82d8} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\MountPoints2: {f1582011-9ceb-11e5-a1e3-80c16eed82d8} - G:\startme.exe
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {812851b0-e5e5-11e1-bcc7-80c16eed82d8} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1582011-9ceb-11e5-a1e3-80c16eed82d8} - G:\startme.exe
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D321F810-E538-462A-886F-625BD4CA29E7}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Downloads Window - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2015-09-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Users\****\AppData\Local\Temp\7zS3986\hpslpsvc64.dll [1039360 2012-08-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-12-02] (CACE Technologies, Inc.)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-12 14:13 - 2015-12-12 14:14 - 00017704 _____ C:\Users\****\Desktop\FRST.txt
2015-12-12 14:13 - 2015-12-12 14:13 - 00000000 ____D C:\FRST
2015-12-12 14:11 - 2015-12-12 14:11 - 00002390 _____ C:\Users\****\Desktop\avira.txt
2015-12-12 14:07 - 2015-12-12 14:07 - 02369536 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-12-12 01:05 - 2015-12-12 12:42 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-12 01:05 - 2015-12-12 01:05 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-12 01:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-12-11 23:13 - 2015-12-12 03:32 - 00000000 ____D C:\Users\****\Desktop\Kollegah-Zuhaeltertape - Volume_4
2015-12-06 15:21 - 2015-12-06 15:21 - 00004230 _____ C:\windows\System32\Tasks\AMD Updater
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\Users\****\AppData\Roaming\library_dir
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-06 15:14 - 2015-12-06 15:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Raptr
2015-12-06 15:14 - 2015-12-06 15:15 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\Users\****\AppData\Local\AMD
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-06 15:13 - 2015-12-06 15:13 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-06 15:06 - 2015-12-06 15:14 - 00000000 ____D C:\Program Files\AMD
2015-12-06 15:04 - 2015-12-06 15:04 - 04947168 _____ (Advanced Micro Devices, Inc.) C:\Users\****\Desktop\autodetectutility.exe
2015-12-05 16:17 - 2015-12-05 16:17 - 19917892 _____ C:\Users\****\bedienungsanleitung_telefonanlage_digitalisierungsbox_premium.pdf
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\Documents\Square Enix
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\AppData\Local\CrashRpt
2015-12-02 01:35 - 2015-12-02 01:37 - 576022554 _____ C:\Users\****\Desktop\The.Waking.Ded.S06E08.Ger.Dub.WHRiP.XviD-FIJ.avi
2015-12-02 01:01 - 2015-12-02 01:01 - 00000000 ____D C:\Users\****\AppData\Local\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Program Files (x86)\LogView Studio
2015-12-02 00:13 - 2015-12-02 00:14 - 00000000 ____D C:\Users\****\AppData\Local\NETGEARGenie
2015-12-02 00:13 - 2015-12-02 00:13 - 00369168 _____ (CACE Technologies, Inc.) C:\windows\system32\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00281104 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00106000 _____ (CACE Technologies, Inc.) C:\windows\system32\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00096784 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2015-11-28 18:57 - 2015-11-13 22:16 - 1506175152 _____ C:\Users\****\Desktop\Knock.Out.UNCUT.avi
2015-11-27 17:42 - 2015-11-27 17:42 - 00123056 _____ C:\Users\****\Desktop\spirit-fw-1.3.2.4df
2015-11-18 14:18 - 2015-11-18 14:23 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP
2015-11-18 09:20 - 2015-11-18 09:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2015-11-18 09:17 - 2015-11-18 09:17 - 00296648 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2015-11-18 09:13 - 2015-11-18 09:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2015-11-18 09:08 - 2015-11-18 09:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2015-11-18 09:08 - 2015-11-18 09:08 - 00235008 _____ C:\windows\system32\clinfo.exe
2015-11-18 09:02 - 2015-11-18 09:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2015-11-18 08:58 - 2015-11-18 08:58 - 00065024 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-11-18 08:57 - 2015-11-18 08:57 - 00059392 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-11-18 08:50 - 2015-11-18 08:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl12cl64.dll
2015-11-18 08:49 - 2015-11-18 08:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl12cl.dll
2015-11-18 06:50 - 2015-11-18 06:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2015-11-18 06:48 - 2015-11-18 06:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2015-11-18 06:14 - 2015-11-18 06:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\SysWOW64\atiapfxx.blb
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\system32\atiapfxx.blb
2015-11-18 05:05 - 2015-11-18 05:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2015-11-18 04:43 - 2015-11-18 04:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 00865280 _____ (AMD) C:\windows\system32\coinst_15.30.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2015-11-18 04:27 - 2015-11-18 04:27 - 03437632 _____ C:\windows\system32\atiumd6a.cap
2015-11-18 04:26 - 2015-11-18 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2015-11-18 04:26 - 2015-11-18 04:26 - 00223744 _____ C:\windows\system32\dgtrayicon.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00552448 _____ (AMD) C:\windows\system32\atieclxx.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00204800 _____ C:\windows\system32\amdgfxinfo64.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00189952 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00162304 _____ C:\windows\system32\atieah64.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00145408 _____ C:\windows\SysWOW64\atieah32.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00031744 _____ (AMD) C:\windows\system32\atimuixx.dll
2015-11-18 04:24 - 2015-11-18 04:24 - 00246272 _____ (AMD) C:\windows\system32\atiesrxx.exe
2015-11-18 04:22 - 2015-11-18 04:22 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2015-11-18 04:10 - 2015-11-18 04:10 - 03471376 _____ C:\windows\SysWOW64\atiumdva.cap
2015-11-18 03:58 - 2015-11-18 03:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2015-11-18 03:58 - 2015-11-18 03:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2015-11-18 03:53 - 2015-11-18 03:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2015-11-18 03:53 - 2015-11-18 03:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00195072 _____ C:\windows\system32\hsa-thunk64.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00174592 _____ C:\windows\SysWOW64\hsa-thunk.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Users\****\.AnyLogicUniversity
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Program Files\Senselock
2015-11-13 15:33 - 2015-11-24 06:09 - 00000000 ____D C:\Users\****\Desktop\twd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-12 14:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-12 13:57 - 2012-08-04 13:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-12 12:43 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:43 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:32 - 2012-06-15 00:44 - 18063628 _____ C:\windows\system32\perfh007.dat
2015-12-12 12:32 - 2012-06-15 00:44 - 05623960 _____ C:\windows\system32\perfc007.dat
2015-12-12 12:32 - 2009-07-14 06:13 - 00006504 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-12 12:28 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-12 03:32 - 2012-07-23 23:13 - 00000000 ____D C:\Users\****\AppData\Roaming\Mp3tag
2015-12-12 02:11 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-12 01:19 - 2013-02-25 23:13 - 00000000 ____D C:\Users\****\Office 2010 Activator v1.4.1.0
2015-12-12 01:19 - 2012-07-19 14:44 - 00000000 ____D C:\Users\****
2015-12-12 00:26 - 2012-07-22 18:54 - 00000000 ____D C:\Users\****\AppData\Roaming\vlc
2015-12-11 18:10 - 2012-07-19 14:49 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E6CFB42A-8A13-45D3-BB3C-832EB88BB857}
2015-12-09 19:50 - 2012-07-22 18:30 - 00000000 ____D C:\Users\****\Desktop\musik
2015-12-09 16:57 - 2012-08-04 13:57 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 16:57 - 2012-06-15 01:12 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:57 - 2012-06-15 01:12 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 15:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2015-12-06 15:09 - 2013-12-05 04:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-06 15:06 - 2012-12-25 20:57 - 00000000 ____D C:\AMD
2015-12-06 15:05 - 2012-11-13 15:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 00:02 - 2013-08-11 15:10 - 00000000 ____D C:\Users\****\Desktop\modellbau
2015-12-02 01:00 - 2013-04-05 19:42 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-02 00:53 - 2015-02-18 16:51 - 00000000 ____D C:\HELI-X6
2015-12-02 00:17 - 2015-10-04 20:51 - 00000000 ____D C:\Program Files (x86)\Spirit Settings
2015-12-02 00:17 - 2015-01-24 02:04 - 00001112 _____ C:\Users\Public\Desktop\Spirit Settings.lnk
2015-12-02 00:17 - 2014-09-08 12:30 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spirit Settings.lnk
2015-12-02 00:11 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Oracle
2015-12-02 00:10 - 2015-01-03 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-02 00:10 - 2014-01-20 06:04 - 00000000 ____D C:\Program Files\Java
2015-12-02 00:10 - 2014-01-20 05:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-02 00:10 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-02 00:09 - 2015-09-15 03:41 - 00000000 ____D C:\Users\****\.oracle_jre_usage
2015-12-02 00:09 - 2014-01-20 06:04 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 12:09 - 2013-08-07 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 12:08 - 2013-08-07 08:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-11-28 18:37 - 2012-07-24 13:31 - 00000000 ____D C:\Users\****\AppData\Local\CrashDumps
2015-11-27 21:23 - 2015-04-19 18:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-23 07:03 - 2012-06-15 01:06 - 00000000 ____D C:\ProgramData\Temp
2015-11-23 06:57 - 2014-02-11 14:05 - 00000000 ____D C:\Users\****\Documents\RealFlight 7
2015-11-18 18:14 - 2015-10-17 18:13 - 00000000 ____D C:\Users\****\Desktop\Scandal
2015-11-18 09:20 - 2012-12-25 20:45 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2015-11-18 09:20 - 2012-12-25 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2015-11-18 09:20 - 2012-12-25 20:44 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2015-11-18 09:20 - 2012-09-28 02:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2015-11-18 09:20 - 2012-02-14 15:17 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2015-11-18 09:20 - 2012-02-14 14:52 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2015-11-18 09:20 - 2012-02-14 14:12 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2015-11-18 09:19 - 2012-09-28 03:23 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2015-11-18 09:19 - 2012-09-28 02:22 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2015-11-13 03:26 - 2015-10-29 23:31 - 00000000 ____D C:\Users\****\Desktop\2 Broke Girls - Staffel 4

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-07-15 20:56 - 2010-01-15 09:36 - 0075040 _____ () C:\Program Files (x86)\Common Files\SpeechUninstall.exe
2012-08-29 18:23 - 2013-10-28 06:23 - 0000676 _____ () C:\Users\****\AppData\Roaming\DriveCalculator Preferences
2012-07-19 15:37 - 2012-07-19 15:37 - 0000173 _____ () C:\Users\****\AppData\Local\msmathematics.qat.****
2013-07-12 18:57 - 2013-07-12 18:57 - 0000848 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2014-12-26 10:49 - 2014-12-26 10:49 - 0007605 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\****\adwcleaner_4.206.exe
C:\Users\****\HijackThis.exe
C:\Users\****\MP3QualityModifier.exe
C:\Users\****\TeamViewer_Setup_de.exe


Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 16:04

==================== Ende von FRST.txt ============================
         

Alt 12.12.2015, 14:56   #2
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-12 14:14:52)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version:  - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version:  - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

29-11-2015 00:00:01 Geplanter Prüfpunkt
06-12-2015 01:14:36 Geplanter Prüfpunkt
06-12-2015 15:06:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
06-12-2015 15:09:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-08-05 10:15 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-14 15:49 - 2014-07-14 15:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 12:32:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 12:28:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 12:28:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 12:28:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 01:25:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 01:21:57 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


Systemfehler:
=============
Error: (12/12/2015 12:28:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/12/2015 12:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 12:28:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 01:21:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/12/2015 01:21:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 01:21:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 12:25:37 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (12/12/2015 12:25:36 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (12/12/2015 12:24:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/12/2015 12:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 5872.8 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13367.61 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:555 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________


Alt 12.12.2015, 15:55   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 12.12.2015, 17:14   #4
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Danke für deine Hilfe, es wurde nichts gefunden, hier der Log:

Code:
ATTFilter
17:06:39.0689 0x0ce8  TDSS rootkit removing tool 3.1.0.8 Dec  5 2015 01:19:03
17:06:39.0689 0x0ce8  UEFI system
17:06:46.0644 0x0ce8  ============================================================
17:06:46.0644 0x0ce8  Current date / time: 2015/12/12 17:06:46.0644
17:06:46.0644 0x0ce8  SystemInfo:
17:06:46.0644 0x0ce8  
17:06:46.0644 0x0ce8  OS Version: 6.1.7601 ServicePack: 1.0
17:06:46.0644 0x0ce8  Product type: Workstation
17:06:46.0644 0x0ce8  ComputerName: PC****
17:06:46.0645 0x0ce8  UserName: ****
17:06:46.0645 0x0ce8  Windows directory: C:\windows
17:06:46.0645 0x0ce8  System windows directory: C:\windows
17:06:46.0645 0x0ce8  Running under WOW64
17:06:46.0645 0x0ce8  Processor architecture: Intel x64
17:06:46.0645 0x0ce8  Number of processors: 4
17:06:46.0645 0x0ce8  Page size: 0x1000
17:06:46.0645 0x0ce8  Boot type: Normal boot
17:06:46.0645 0x0ce8  ============================================================
17:06:50.0080 0x0ce8  KLMD registered as C:\windows\system32\drivers\63657864.sys
17:06:50.0294 0x0ce8  System UUID: {5A499F7E-3937-6968-FB98-064B2052693E}
17:06:50.0611 0x0ce8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:06:50.0616 0x0ce8  ============================================================
17:06:50.0616 0x0ce8  \Device\Harddisk0\DR0:
17:06:50.0616 0x0ce8  GPT partitions:
17:06:50.0617 0x0ce8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {17207ADB-0051-4F78-915E-9E50EA4DF5D6}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
17:06:50.0617 0x0ce8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3589F42B-81A2-4036-B3AA-2EF790E5E1A9}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
17:06:50.0617 0x0ce8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {589C8E24-97FC-4FFC-B207-7CDB23DF4603}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x724D0800
17:06:50.0617 0x0ce8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {539FFBCF-57BC-478B-9638-9B7494E88E2C}, Name: Basic data partition, StartLBA 0x72543000, BlocksNum 0x21C3800
17:06:50.0617 0x0ce8  MBR partitions:
17:06:50.0617 0x0ce8  ============================================================
17:06:50.0628 0x0ce8  C: <-> \Device\Harddisk0\DR0\Partition3
17:06:50.0673 0x0ce8  D: <-> \Device\Harddisk0\DR0\Partition4
17:06:50.0673 0x0ce8  ============================================================
17:06:50.0673 0x0ce8  Initialize success
17:06:50.0673 0x0ce8  ============================================================
17:07:19.0607 0x04dc  ============================================================
17:07:19.0607 0x04dc  Scan started
17:07:19.0607 0x04dc  Mode: Manual; SigCheck; TDLFS; 
17:07:19.0607 0x04dc  ============================================================
17:07:19.0607 0x04dc  KSN ping started
17:07:33.0278 0x04dc  KSN ping finished: true
17:07:34.0623 0x04dc  ================ Scan system memory ========================
17:07:34.0623 0x04dc  System memory - ok
17:07:34.0623 0x04dc  ================ Scan services =============================
17:07:34.0731 0x04dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
17:07:34.0793 0x04dc  1394ohci - ok
17:07:34.0824 0x04dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
17:07:34.0837 0x04dc  ACPI - ok
17:07:34.0851 0x04dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
17:07:34.0903 0x04dc  AcpiPmi - ok
17:07:34.0985 0x04dc  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:07:34.0993 0x04dc  AdobeARMservice - ok
17:07:35.0084 0x04dc  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:07:35.0093 0x04dc  AdobeFlashPlayerUpdateSvc - ok
17:07:35.0127 0x04dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
17:07:35.0144 0x04dc  adp94xx - ok
17:07:35.0176 0x04dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
17:07:35.0190 0x04dc  adpahci - ok
17:07:35.0225 0x04dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
17:07:35.0235 0x04dc  adpu320 - ok
17:07:35.0249 0x04dc  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
17:07:35.0270 0x04dc  AeLookupSvc - ok
17:07:35.0324 0x04dc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
17:07:35.0375 0x04dc  AFD - ok
17:07:35.0404 0x04dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
17:07:35.0412 0x04dc  agp440 - ok
17:07:35.0439 0x04dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
17:07:35.0479 0x04dc  ALG - ok
17:07:35.0509 0x04dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
17:07:35.0517 0x04dc  aliide - ok
17:07:35.0570 0x04dc  [ 1988ACBAB87EF67E63EC2D00A0CF5B26, 7B2C20E9E25289FE54D393F04C540C43C75AEEB11B4FFA31866FF7B23F8AFF66 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
17:07:35.0616 0x04dc  AMD External Events Utility - ok
17:07:35.0635 0x04dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
17:07:35.0642 0x04dc  amdide - ok
17:07:35.0677 0x04dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
17:07:35.0708 0x04dc  AmdK8 - ok
17:07:35.0754 0x04dc  amdkmdag - ok
17:07:35.0814 0x04dc  [ 1E2E0FD45B2F9ADD2E5A5125D44F9BCE, B4D65566D15A26865A1506B5BE0E5E0CFBCCB655A2AD358314628FA37169EB6B ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
17:07:35.0868 0x04dc  amdkmdap - ok
17:07:35.0895 0x04dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
17:07:35.0907 0x04dc  AmdPPM - ok
17:07:35.0928 0x04dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
17:07:35.0940 0x04dc  amdsata - ok
17:07:35.0968 0x04dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
17:07:35.0982 0x04dc  amdsbs - ok
17:07:35.0997 0x04dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
17:07:36.0004 0x04dc  amdxata - ok
17:07:36.0079 0x04dc  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:07:36.0103 0x04dc  AntiVirMailService - ok
17:07:36.0157 0x04dc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:07:36.0170 0x04dc  AntiVirSchedulerService - ok
17:07:36.0207 0x04dc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:07:36.0220 0x04dc  AntiVirService - ok
17:07:36.0294 0x04dc  [ B667AB46FA82FC246F9069D81BB1065C, CC3ADE01E745B6A4F425E41C5C380BF0D06121B3823BDF0A8DF2973DA59F86EA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
17:07:36.0337 0x04dc  AntiVirWebService - ok
17:07:36.0383 0x04dc  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\windows\system32\drivers\appid.sys
17:07:36.0420 0x04dc  AppID - ok
17:07:36.0438 0x04dc  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\windows\System32\appidsvc.dll
17:07:36.0447 0x04dc  AppIDSvc - ok
17:07:36.0478 0x04dc  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\windows\System32\appinfo.dll
17:07:36.0517 0x04dc  Appinfo - ok
17:07:36.0534 0x04dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
17:07:36.0550 0x04dc  arc - ok
17:07:36.0569 0x04dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
17:07:36.0578 0x04dc  arcsas - ok
17:07:36.0664 0x04dc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:07:36.0681 0x04dc  aspnet_state - ok
17:07:36.0695 0x04dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
17:07:36.0772 0x04dc  AsyncMac - ok
17:07:36.0796 0x04dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
17:07:36.0803 0x04dc  atapi - ok
17:07:36.0864 0x04dc  [ 80AA9265E820A8667EDEF731E31335B6, 549DC0BCF988F25CF3F89A784DC9B97C6D4DF697302F5CF467EFA2B816991A52 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
17:07:36.0903 0x04dc  AtiHDAudioService - ok
17:07:36.0956 0x04dc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:07:36.0976 0x04dc  AudioEndpointBuilder - ok
17:07:36.0990 0x04dc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
17:07:37.0007 0x04dc  AudioSrv - ok
17:07:37.0061 0x04dc  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
17:07:37.0070 0x04dc  avgntflt - ok
17:07:37.0115 0x04dc  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
17:07:37.0123 0x04dc  avipbb - ok
17:07:37.0177 0x04dc  [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
17:07:37.0184 0x04dc  Avira.OE.ServiceHost - ok
17:07:37.0202 0x04dc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
17:07:37.0208 0x04dc  avkmgr - ok
17:07:37.0235 0x04dc  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\windows\system32\DRIVERS\avnetflt.sys
17:07:37.0242 0x04dc  avnetflt - ok
17:07:37.0261 0x04dc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
17:07:37.0316 0x04dc  AxInstSV - ok
17:07:37.0351 0x04dc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
17:07:37.0375 0x04dc  b06bdrv - ok
17:07:37.0394 0x04dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
17:07:37.0420 0x04dc  b57nd60a - ok
17:07:37.0459 0x04dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
17:07:37.0496 0x04dc  BDESVC - ok
17:07:37.0506 0x04dc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
17:07:37.0538 0x04dc  Beep - ok
17:07:37.0580 0x04dc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
17:07:37.0601 0x04dc  BFE - ok
17:07:37.0635 0x04dc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
17:07:37.0735 0x04dc  BITS - ok
17:07:37.0758 0x04dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\drivers\blbdrive.sys
17:07:37.0781 0x04dc  blbdrive - ok
17:07:37.0818 0x04dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
17:07:37.0845 0x04dc  bowser - ok
17:07:37.0865 0x04dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
17:07:37.0891 0x04dc  BrFiltLo - ok
17:07:37.0911 0x04dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
17:07:37.0936 0x04dc  BrFiltUp - ok
17:07:37.0973 0x04dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
17:07:38.0005 0x04dc  Browser - ok
17:07:38.0040 0x04dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
17:07:38.0075 0x04dc  Brserid - ok
17:07:38.0108 0x04dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
17:07:38.0131 0x04dc  BrSerWdm - ok
17:07:38.0146 0x04dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
17:07:38.0173 0x04dc  BrUsbMdm - ok
17:07:38.0196 0x04dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
17:07:38.0227 0x04dc  BrUsbSer - ok
17:07:38.0258 0x04dc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\DRIVERS\BthEnum.sys
17:07:38.0286 0x04dc  BthEnum - ok
17:07:38.0317 0x04dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
17:07:38.0328 0x04dc  BTHMODEM - ok
17:07:38.0358 0x04dc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
17:07:38.0386 0x04dc  BthPan - ok
17:07:38.0437 0x04dc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\system32\Drivers\BTHport.sys
17:07:38.0481 0x04dc  BTHPORT - ok
17:07:38.0511 0x04dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
17:07:38.0552 0x04dc  bthserv - ok
17:07:38.0582 0x04dc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\system32\Drivers\BTHUSB.sys
17:07:38.0612 0x04dc  BTHUSB - ok
17:07:38.0645 0x04dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
17:07:38.0679 0x04dc  cdfs - ok
17:07:38.0712 0x04dc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
17:07:38.0745 0x04dc  cdrom - ok
17:07:38.0788 0x04dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
17:07:38.0823 0x04dc  CertPropSvc - ok
17:07:38.0835 0x04dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
17:07:38.0858 0x04dc  circlass - ok
17:07:38.0900 0x04dc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
17:07:38.0964 0x04dc  CLFS - ok
17:07:39.0032 0x04dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:07:39.0051 0x04dc  clr_optimization_v2.0.50727_32 - ok
17:07:39.0088 0x04dc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:07:39.0101 0x04dc  clr_optimization_v2.0.50727_64 - ok
17:07:39.0161 0x04dc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:07:39.0170 0x04dc  clr_optimization_v4.0.30319_32 - ok
17:07:39.0183 0x04dc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:07:39.0191 0x04dc  clr_optimization_v4.0.30319_64 - ok
17:07:39.0228 0x04dc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
17:07:39.0235 0x04dc  CLVirtualDrive - ok
17:07:39.0259 0x04dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
17:07:39.0266 0x0268  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
17:07:39.0283 0x04dc  CmBatt - ok
17:07:39.0298 0x04dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
17:07:39.0305 0x04dc  cmdide - ok
17:07:39.0361 0x04dc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
17:07:39.0380 0x04dc  CNG - ok
17:07:39.0394 0x04dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
17:07:39.0401 0x04dc  Compbatt - ok
17:07:39.0426 0x04dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
17:07:39.0453 0x04dc  CompositeBus - ok
17:07:39.0465 0x04dc  COMSysApp - ok
17:07:39.0501 0x04dc  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
17:07:39.0508 0x04dc  cpudrv64 - ok
17:07:39.0519 0x04dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
17:07:39.0526 0x04dc  crcdisk - ok
17:07:39.0562 0x04dc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
17:07:39.0599 0x04dc  CryptSvc - ok
17:07:39.0627 0x04dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
17:07:39.0673 0x04dc  DcomLaunch - ok
17:07:39.0708 0x04dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
17:07:39.0751 0x04dc  defragsvc - ok
17:07:39.0774 0x04dc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
17:07:39.0813 0x04dc  DfsC - ok
17:07:39.0859 0x04dc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
17:07:39.0883 0x04dc  Dhcp - ok
17:07:39.0985 0x04dc  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\windows\system32\diagtrack.dll
17:07:40.0027 0x04dc  DiagTrack - ok
17:07:40.0049 0x04dc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
17:07:40.0075 0x04dc  discache - ok
17:07:40.0093 0x04dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
17:07:40.0102 0x04dc  Disk - ok
17:07:40.0120 0x04dc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
17:07:40.0141 0x04dc  Dnscache - ok
17:07:40.0170 0x04dc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
17:07:40.0196 0x04dc  dot3svc - ok
17:07:40.0211 0x04dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
17:07:40.0244 0x04dc  DPS - ok
17:07:40.0283 0x04dc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
17:07:40.0312 0x04dc  drmkaud - ok
17:07:40.0359 0x04dc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
17:07:40.0389 0x04dc  DXGKrnl - ok
17:07:40.0415 0x04dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
17:07:40.0456 0x04dc  EapHost - ok
17:07:40.0548 0x04dc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
17:07:40.0631 0x04dc  ebdrv - ok
17:07:40.0679 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\windows\System32\lsass.exe
17:07:40.0725 0x04dc  EFS - ok
17:07:40.0807 0x04dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
17:07:40.0878 0x04dc  ehRecvr - ok
17:07:40.0891 0x04dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
17:07:40.0906 0x04dc  ehSched - ok
17:07:40.0946 0x04dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
17:07:40.0962 0x04dc  elxstor - ok
17:07:40.0978 0x04dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
17:07:41.0001 0x04dc  ErrDev - ok
17:07:41.0039 0x04dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
17:07:41.0080 0x04dc  EventSystem - ok
17:07:41.0098 0x04dc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
17:07:41.0123 0x04dc  exfat - ok
17:07:41.0132 0x04dc  ezSharedSvc - ok
17:07:41.0143 0x04dc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
17:07:41.0184 0x04dc  fastfat - ok
17:07:41.0229 0x04dc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
17:07:41.0257 0x04dc  Fax - ok
17:07:41.0280 0x04dc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
17:07:41.0302 0x04dc  fdc - ok
17:07:41.0328 0x04dc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
17:07:41.0352 0x04dc  fdPHost - ok
17:07:41.0355 0x04dc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
17:07:41.0389 0x04dc  FDResPub - ok
17:07:41.0412 0x04dc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
17:07:41.0424 0x04dc  FileInfo - ok
17:07:41.0434 0x04dc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
17:07:41.0474 0x04dc  Filetrace - ok
17:07:41.0578 0x04dc  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:07:41.0606 0x04dc  FLEXnet Licensing Service - ok
17:07:41.0709 0x04dc  [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:07:41.0750 0x04dc  FLEXnet Licensing Service 64 - ok
17:07:41.0768 0x04dc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
17:07:41.0789 0x04dc  flpydisk - ok
17:07:41.0809 0x04dc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
17:07:41.0827 0x04dc  FltMgr - ok
17:07:41.0896 0x04dc  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\windows\system32\FntCache.dll
17:07:41.0935 0x04dc  FontCache - ok
17:07:41.0979 0x04dc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:07:41.0987 0x04dc  FontCache3.0.0.0 - ok
17:07:42.0008 0x04dc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
17:07:42.0016 0x04dc  FsDepends - ok
17:07:42.0018 0x0268  Object send P2P result: true
17:07:42.0018 0x0268  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:07:42.0036 0x04dc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
17:07:42.0042 0x04dc  Fs_Rec - ok
17:07:42.0081 0x04dc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
17:07:42.0093 0x04dc  fvevol - ok
17:07:42.0104 0x04dc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
17:07:42.0112 0x04dc  gagp30kx - ok
17:07:42.0138 0x04dc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
17:07:42.0171 0x04dc  gpsvc - ok
17:07:42.0187 0x04dc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
17:07:42.0214 0x04dc  hcw85cir - ok
17:07:42.0247 0x04dc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:07:42.0281 0x04dc  HdAudAddService - ok
17:07:42.0307 0x04dc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
17:07:42.0330 0x04dc  HDAudBus - ok
17:07:42.0354 0x04dc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
17:07:42.0362 0x04dc  HidBatt - ok
17:07:42.0384 0x04dc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
17:07:42.0396 0x04dc  HidBth - ok
17:07:42.0419 0x04dc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
17:07:42.0446 0x04dc  HidIr - ok
17:07:42.0474 0x04dc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
17:07:42.0510 0x04dc  hidserv - ok
17:07:42.0548 0x04dc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
17:07:42.0573 0x04dc  HidUsb - ok
17:07:42.0593 0x04dc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
17:07:42.0618 0x04dc  hkmsvc - ok
17:07:42.0641 0x04dc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:07:42.0683 0x04dc  HomeGroupListener - ok
17:07:42.0705 0x04dc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:07:42.0733 0x04dc  HomeGroupProvider - ok
17:07:42.0769 0x04dc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
17:07:42.0783 0x04dc  HpSAMD - ok
17:07:42.0944 0x04dc  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Users\****\AppData\Local\Temp\7zS3986\hpslpsvc64.dll
17:07:42.0968 0x04dc  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
17:07:44.0759 0x0268  Object send P2P result: true
17:07:44.0759 0x0268  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:07:45.0658 0x04dc  Detect skipped due to KSN trusted
17:07:45.0658 0x04dc  HPSLPSVC - ok
17:07:45.0710 0x04dc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
17:07:45.0774 0x04dc  HTTP - ok
17:07:45.0793 0x04dc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
17:07:45.0806 0x04dc  hwpolicy - ok
17:07:45.0839 0x04dc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
17:07:45.0863 0x04dc  i8042prt - ok
17:07:45.0896 0x04dc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
17:07:45.0920 0x04dc  iaStorV - ok
17:07:45.0964 0x04dc  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:07:45.0984 0x04dc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:07:47.0498 0x0268  Object send P2P result: true
17:07:48.0669 0x04dc  Detect skipped due to KSN trusted
17:07:48.0670 0x04dc  IDriverT - ok
17:07:48.0828 0x04dc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:07:48.0867 0x04dc  idsvc - ok
17:07:48.0890 0x04dc  IEEtwCollectorService - ok
17:07:49.0042 0x04dc  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
17:07:49.0167 0x04dc  igfx - ok
17:07:49.0204 0x04dc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
17:07:49.0212 0x04dc  iirsp - ok
17:07:49.0255 0x04dc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
17:07:49.0294 0x04dc  IKEEXT - ok
17:07:49.0321 0x04dc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
17:07:49.0328 0x04dc  intelide - ok
17:07:49.0350 0x04dc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
17:07:49.0358 0x04dc  intelppm - ok
17:07:49.0398 0x04dc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
17:07:49.0434 0x04dc  IPBusEnum - ok
17:07:49.0459 0x04dc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
17:07:49.0496 0x04dc  IpFilterDriver - ok
17:07:49.0535 0x04dc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
17:07:49.0567 0x04dc  iphlpsvc - ok
17:07:49.0593 0x04dc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
17:07:49.0602 0x04dc  IPMIDRV - ok
17:07:49.0618 0x04dc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
17:07:49.0658 0x04dc  IPNAT - ok
17:07:49.0679 0x04dc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
17:07:49.0689 0x04dc  IRENUM - ok
17:07:49.0704 0x04dc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
17:07:49.0711 0x04dc  isapnp - ok
17:07:49.0726 0x04dc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
17:07:49.0743 0x04dc  iScsiPrt - ok
17:07:49.0761 0x04dc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
17:07:49.0772 0x04dc  kbdclass - ok
17:07:49.0792 0x04dc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
17:07:49.0821 0x04dc  kbdhid - ok
17:07:49.0836 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\windows\system32\lsass.exe
17:07:49.0844 0x04dc  KeyIso - ok
17:07:49.0876 0x04dc  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
17:07:49.0884 0x04dc  KSecDD - ok
17:07:49.0890 0x04dc  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
17:07:49.0900 0x04dc  KSecPkg - ok
17:07:49.0920 0x04dc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
17:07:49.0960 0x04dc  ksthunk - ok
17:07:49.0987 0x04dc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
17:07:50.0023 0x04dc  KtmRm - ok
17:07:50.0060 0x04dc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
17:07:50.0085 0x04dc  LanmanServer - ok
17:07:50.0111 0x04dc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:07:50.0134 0x04dc  LanmanWorkstation - ok
17:07:50.0163 0x04dc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
17:07:50.0190 0x04dc  lltdio - ok
17:07:50.0204 0x04dc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
17:07:50.0247 0x04dc  lltdsvc - ok
17:07:50.0269 0x04dc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
17:07:50.0303 0x04dc  lmhosts - ok
17:07:50.0345 0x04dc  [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:07:50.0355 0x04dc  LMS - ok
17:07:50.0386 0x04dc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
17:07:50.0394 0x04dc  LSI_FC - ok
17:07:50.0418 0x04dc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
17:07:50.0426 0x04dc  LSI_SAS - ok
17:07:50.0433 0x04dc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
17:07:50.0441 0x04dc  LSI_SAS2 - ok
17:07:50.0450 0x04dc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
17:07:50.0458 0x04dc  LSI_SCSI - ok
17:07:50.0471 0x04dc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
17:07:50.0499 0x04dc  luafv - ok
17:07:50.0532 0x04dc  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
17:07:50.0538 0x04dc  MBAMProtector - ok
17:07:50.0605 0x04dc  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
17:07:50.0631 0x04dc  MBAMService - ok
17:07:50.0660 0x04dc  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
17:07:50.0668 0x04dc  MBAMWebAccessControl - ok
17:07:50.0687 0x04dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
17:07:50.0704 0x04dc  Mcx2Svc - ok
17:07:50.0736 0x04dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
17:07:50.0744 0x04dc  megasas - ok
17:07:50.0779 0x04dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
17:07:50.0793 0x04dc  MegaSR - ok
17:07:50.0811 0x04dc  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\windows\system32\drivers\HECIx64.sys
17:07:50.0819 0x04dc  MEIx64 - ok
17:07:50.0847 0x04dc  Microsoft SharePoint Workspace Audit Service - ok
17:07:50.0948 0x04dc  [ 551A5E070F5DF69A64463852E93009DD, D226F4D198AD8A1A0CB399BA5299332995BF75615952DF6D3610B95EB7D180BB ] mitsijm2013     C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
17:07:50.0966 0x04dc  mitsijm2013 - ok
17:07:50.0974 0x04dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
17:07:50.0996 0x04dc  MMCSS - ok
17:07:51.0081 0x04dc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
17:07:51.0120 0x04dc  Modem - ok
17:07:51.0143 0x04dc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
17:07:51.0167 0x04dc  monitor - ok
17:07:51.0202 0x04dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
17:07:51.0216 0x04dc  mouclass - ok
17:07:51.0241 0x04dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
17:07:51.0272 0x04dc  mouhid - ok
17:07:51.0301 0x04dc  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
17:07:51.0311 0x04dc  mountmgr - ok
17:07:51.0353 0x04dc  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:07:51.0365 0x04dc  MozillaMaintenance - ok
17:07:51.0387 0x04dc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
17:07:51.0399 0x04dc  mpio - ok
17:07:51.0478 0x04dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
17:07:51.0515 0x04dc  mpsdrv - ok
17:07:51.0544 0x04dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
17:07:51.0579 0x04dc  MpsSvc - ok
17:07:51.0595 0x04dc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
17:07:51.0619 0x04dc  MRxDAV - ok
17:07:51.0644 0x04dc  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
17:07:51.0668 0x04dc  mrxsmb - ok
17:07:51.0702 0x04dc  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
17:07:51.0715 0x04dc  mrxsmb10 - ok
17:07:51.0725 0x04dc  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
17:07:51.0746 0x04dc  mrxsmb20 - ok
17:07:51.0773 0x04dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
17:07:51.0786 0x04dc  msahci - ok
17:07:51.0802 0x04dc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
17:07:51.0813 0x04dc  msdsm - ok
17:07:51.0835 0x04dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
17:07:51.0848 0x04dc  MSDTC - ok
17:07:51.0863 0x04dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
17:07:51.0887 0x04dc  Msfs - ok
17:07:51.0903 0x04dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
17:07:51.0927 0x04dc  mshidkmdf - ok
17:07:51.0945 0x04dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
17:07:51.0956 0x04dc  msisadrv - ok
17:07:51.0973 0x04dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
17:07:52.0014 0x04dc  MSiSCSI - ok
17:07:52.0016 0x04dc  msiserver - ok
17:07:52.0053 0x04dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
17:07:52.0090 0x04dc  MSKSSRV - ok
17:07:52.0105 0x04dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
17:07:52.0128 0x04dc  MSPCLOCK - ok
17:07:52.0140 0x04dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
17:07:52.0163 0x04dc  MSPQM - ok
17:07:52.0180 0x04dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
17:07:52.0198 0x04dc  MsRPC - ok
17:07:52.0230 0x04dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
17:07:52.0237 0x04dc  mssmbios - ok
17:07:52.0245 0x04dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
17:07:52.0278 0x04dc  MSTEE - ok
17:07:52.0281 0x04dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
17:07:52.0289 0x04dc  MTConfig - ok
17:07:52.0310 0x04dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
17:07:52.0321 0x04dc  Mup - ok
17:07:52.0350 0x04dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
17:07:52.0393 0x04dc  napagent - ok
17:07:52.0429 0x04dc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
17:07:52.0462 0x04dc  NativeWifiP - ok
17:07:52.0528 0x04dc  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
17:07:52.0545 0x04dc  NAUpdate - ok
17:07:52.0577 0x04dc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
17:07:52.0602 0x04dc  NDIS - ok
17:07:52.0634 0x04dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
17:07:52.0668 0x04dc  NdisCap - ok
17:07:52.0690 0x04dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
17:07:52.0727 0x04dc  NdisTapi - ok
17:07:52.0745 0x04dc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
17:07:52.0780 0x04dc  Ndisuio - ok
17:07:52.0801 0x04dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
17:07:52.0844 0x04dc  NdisWan - ok
17:07:52.0864 0x04dc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
17:07:52.0885 0x04dc  NDProxy - ok
17:07:52.0922 0x04dc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
17:07:52.0947 0x04dc  NetBIOS - ok
17:07:52.0960 0x04dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
17:07:52.0985 0x04dc  NetBT - ok
17:07:53.0003 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\windows\system32\lsass.exe
17:07:53.0010 0x04dc  Netlogon - ok
17:07:53.0044 0x04dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
17:07:53.0072 0x04dc  Netman - ok
17:07:53.0133 0x04dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0143 0x04dc  NetMsmqActivator - ok
17:07:53.0146 0x04dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0155 0x04dc  NetPipeActivator - ok
17:07:53.0176 0x04dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
17:07:53.0221 0x04dc  netprofm - ok
17:07:53.0225 0x04dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0234 0x04dc  NetTcpActivator - ok
17:07:53.0238 0x04dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:07:53.0247 0x04dc  NetTcpPortSharing - ok
17:07:53.0276 0x04dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
17:07:53.0284 0x04dc  nfrd960 - ok
17:07:53.0306 0x04dc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
17:07:53.0319 0x04dc  NlaSvc - ok
17:07:53.0359 0x04dc  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\windows\system32\drivers\npf.sys
17:07:53.0365 0x04dc  NPF - ok
17:07:53.0385 0x04dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
17:07:53.0410 0x04dc  Npfs - ok
17:07:53.0422 0x04dc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
17:07:53.0454 0x04dc  nsi - ok
17:07:53.0471 0x04dc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
17:07:53.0506 0x04dc  nsiproxy - ok
17:07:53.0563 0x04dc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
17:07:53.0601 0x04dc  Ntfs - ok
17:07:53.0615 0x04dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
17:07:53.0637 0x04dc  Null - ok
17:07:53.0650 0x04dc  NVHDA - ok
17:07:53.0655 0x04dc  nvlddmkm - ok
17:07:53.0673 0x04dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
17:07:53.0683 0x04dc  nvraid - ok
17:07:53.0715 0x04dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
17:07:53.0725 0x04dc  nvstor - ok
17:07:53.0760 0x04dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
17:07:53.0769 0x04dc  nv_agp - ok
17:07:53.0788 0x04dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
17:07:53.0808 0x04dc  ohci1394 - ok
17:07:53.0857 0x04dc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:53.0865 0x04dc  ose - ok
17:07:54.0023 0x04dc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:07:54.0120 0x04dc  osppsvc - ok
17:07:54.0151 0x04dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
17:07:54.0197 0x04dc  p2pimsvc - ok
17:07:54.0221 0x04dc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
17:07:54.0255 0x04dc  p2psvc - ok
17:07:54.0284 0x04dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
17:07:54.0308 0x04dc  Parport - ok
17:07:54.0335 0x04dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
17:07:54.0347 0x04dc  partmgr - ok
17:07:54.0406 0x04dc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
17:07:54.0443 0x04dc  PcaSvc - ok
17:07:54.0461 0x04dc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
17:07:54.0475 0x04dc  pci - ok
17:07:54.0515 0x04dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
17:07:54.0529 0x04dc  pciide - ok
17:07:54.0548 0x04dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
17:07:54.0564 0x04dc  pcmcia - ok
17:07:54.0584 0x04dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
17:07:54.0600 0x04dc  pcw - ok
17:07:54.0645 0x04dc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
17:07:54.0673 0x04dc  PEAUTH - ok
17:07:54.0739 0x04dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
17:07:54.0752 0x04dc  PerfHost - ok
17:07:54.0808 0x04dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
17:07:54.0855 0x04dc  pla - ok
17:07:54.0902 0x04dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
17:07:54.0926 0x04dc  PlugPlay - ok
17:07:54.0934 0x04dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
17:07:54.0954 0x04dc  PNRPAutoReg - ok
17:07:54.0975 0x04dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
17:07:54.0988 0x04dc  PNRPsvc - ok
17:07:55.0012 0x04dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
17:07:55.0042 0x04dc  PolicyAgent - ok
17:07:55.0068 0x04dc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
17:07:55.0108 0x04dc  Power - ok
17:07:55.0134 0x04dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
17:07:55.0172 0x04dc  PptpMiniport - ok
17:07:55.0195 0x04dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
17:07:55.0205 0x04dc  Processor - ok
17:07:55.0234 0x04dc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
17:07:55.0245 0x04dc  ProfSvc - ok
17:07:55.0252 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\windows\system32\lsass.exe
17:07:55.0260 0x04dc  ProtectedStorage - ok
17:07:55.0287 0x04dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
17:07:55.0320 0x04dc  Psched - ok
17:07:55.0376 0x04dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
17:07:55.0411 0x04dc  ql2300 - ok
17:07:55.0422 0x04dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
17:07:55.0431 0x04dc  ql40xx - ok
17:07:55.0459 0x04dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
17:07:55.0475 0x04dc  QWAVE - ok
17:07:55.0490 0x04dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
17:07:55.0504 0x04dc  QWAVEdrv - ok
17:07:55.0535 0x04dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
17:07:55.0559 0x04dc  RasAcd - ok
17:07:55.0577 0x04dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
17:07:55.0613 0x04dc  RasAgileVpn - ok
17:07:55.0654 0x04dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
17:07:55.0689 0x04dc  RasAuto - ok
17:07:55.0707 0x04dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
17:07:55.0749 0x04dc  Rasl2tp - ok
17:07:55.0776 0x04dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
17:07:55.0804 0x04dc  RasMan - ok
17:07:55.0824 0x04dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
17:07:55.0850 0x04dc  RasPppoe - ok
17:07:55.0856 0x04dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
17:07:55.0882 0x04dc  RasSstp - ok
17:07:55.0891 0x04dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
17:07:55.0923 0x04dc  rdbss - ok
17:07:55.0944 0x04dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
17:07:55.0954 0x04dc  rdpbus - ok
17:07:55.0983 0x04dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
17:07:56.0014 0x04dc  RDPCDD - ok
17:07:56.0017 0x04dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
17:07:56.0038 0x04dc  RDPENCDD - ok
17:07:56.0053 0x04dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
17:07:56.0085 0x04dc  RDPREFMP - ok
17:07:56.0161 0x04dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
17:07:56.0187 0x04dc  RdpVideoMiniport - ok
17:07:56.0225 0x04dc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
17:07:56.0256 0x04dc  RDPWD - ok
17:07:56.0296 0x04dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
17:07:56.0316 0x04dc  rdyboost - ok
17:07:56.0337 0x04dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
17:07:56.0365 0x04dc  RemoteAccess - ok
17:07:56.0399 0x04dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
17:07:56.0424 0x04dc  RemoteRegistry - ok
17:07:56.0465 0x04dc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
17:07:56.0491 0x04dc  RFCOMM - ok
17:07:56.0513 0x04dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
17:07:56.0560 0x04dc  RpcEptMapper - ok
17:07:56.0580 0x04dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
17:07:56.0589 0x04dc  RpcLocator - ok
17:07:56.0611 0x04dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
17:07:56.0646 0x04dc  RpcSs - ok
17:07:56.0668 0x04dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
17:07:56.0698 0x04dc  rspndr - ok
17:07:56.0737 0x04dc  [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
17:07:56.0756 0x04dc  RTL8167 - ok
17:07:56.0769 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\windows\system32\lsass.exe
17:07:56.0778 0x04dc  SamSs - ok
17:07:56.0793 0x04dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
17:07:56.0804 0x04dc  sbp2port - ok
17:07:56.0831 0x04dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
17:07:56.0871 0x04dc  SCardSvr - ok
17:07:56.0891 0x04dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
17:07:56.0917 0x04dc  scfilter - ok
17:07:56.0948 0x04dc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
17:07:56.0988 0x04dc  Schedule - ok
17:07:57.0011 0x04dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
17:07:57.0032 0x04dc  SCPolicySvc - ok
17:07:57.0042 0x04dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
17:07:57.0065 0x04dc  SDRSVC - ok
17:07:57.0147 0x04dc  [ 95AA9E165C7DE1B64A11E8B18E91E499, 505BB51F358EAE5835071A89069530DFDA99E9C5220EA6A648842C15E74E4907 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:07:57.0186 0x04dc  SDScannerService - ok
17:07:57.0237 0x04dc  [ D31398D4BB4907B517B6E784C2100C4A, 36BDB2BFAC2C0ADF8C6DF6D1511ECF43C8F6ED7D4D76244DC5232AD97BA5E9C9 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:07:57.0262 0x04dc  SDUpdateService - ok
17:07:57.0292 0x04dc  [ 6AE8E702D1027A9627DDE2B77BB9992B, 5EA68E2A487D252A68DB0861E7FAFA69956D266CBAA5A1D77751F7E6BD4169B7 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:07:57.0301 0x04dc  SDWSCService - ok
17:07:57.0325 0x04dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
17:07:57.0363 0x04dc  secdrv - ok
17:07:57.0384 0x04dc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
17:07:57.0405 0x04dc  seclogon - ok
17:07:57.0420 0x04dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
17:07:57.0443 0x04dc  SENS - ok
17:07:57.0455 0x04dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
17:07:57.0489 0x04dc  SensrSvc - ok
17:07:57.0512 0x04dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
17:07:57.0520 0x04dc  Serenum - ok
17:07:57.0555 0x04dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
17:07:57.0564 0x04dc  Serial - ok
17:07:57.0589 0x04dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
17:07:57.0611 0x04dc  sermouse - ok
17:07:57.0638 0x04dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
17:07:57.0660 0x04dc  SessionEnv - ok
17:07:57.0674 0x04dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
17:07:57.0695 0x04dc  sffdisk - ok
17:07:57.0712 0x04dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
17:07:57.0731 0x04dc  sffp_mmc - ok
17:07:57.0743 0x04dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
17:07:57.0754 0x04dc  sffp_sd - ok
17:07:57.0760 0x04dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
17:07:57.0779 0x04dc  sfloppy - ok
17:07:57.0809 0x04dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
17:07:57.0847 0x04dc  SharedAccess - ok
17:07:57.0869 0x04dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:07:57.0896 0x04dc  ShellHWDetection - ok
17:07:57.0923 0x04dc  [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm        C:\windows\system32\DRIVERS\silabenm.sys
17:07:57.0959 0x04dc  silabenm - ok
17:07:57.0989 0x04dc  [ 447209C314E6E0D26E01962075802B18, AB1AC5854EB0EDF66025609CF9CB5639014C264327F4DEE1223BF7F6E1BD2D15 ] silabser        C:\windows\system32\DRIVERS\silabser.sys
17:07:58.0008 0x04dc  silabser - ok
17:07:58.0031 0x04dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
17:07:58.0039 0x04dc  SiSRaid2 - ok
17:07:58.0054 0x04dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
17:07:58.0061 0x04dc  SiSRaid4 - ok
17:07:58.0083 0x04dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
17:07:58.0110 0x04dc  Smb - ok
17:07:58.0138 0x04dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
17:07:58.0163 0x04dc  SNMPTRAP - ok
17:07:58.0181 0x04dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
17:07:58.0192 0x04dc  spldr - ok
17:07:58.0221 0x04dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
17:07:58.0252 0x04dc  Spooler - ok
17:07:58.0379 0x04dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
17:07:58.0462 0x04dc  sppsvc - ok
17:07:58.0480 0x04dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
17:07:58.0516 0x04dc  sppuinotify - ok
17:07:58.0555 0x04dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
17:07:58.0583 0x04dc  srv - ok
17:07:58.0599 0x04dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
17:07:58.0631 0x04dc  srv2 - ok
17:07:58.0651 0x04dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
17:07:58.0667 0x04dc  srvnet - ok
17:07:58.0688 0x04dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
17:07:58.0726 0x04dc  SSDPSRV - ok
17:07:58.0741 0x04dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
17:07:58.0774 0x04dc  SstpSvc - ok
17:07:58.0843 0x04dc  [ F5F2592EAF991348D655C482BCFD2B12, F08A573762047793559D1288EA763284044D9B99C0A2992A59F71526D18C1A7A ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:07:58.0885 0x04dc  STacSV - ok
17:07:58.0913 0x04dc  Steam Client Service - ok
17:07:58.0927 0x04dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
17:07:58.0934 0x04dc  stexstor - ok
17:07:58.0963 0x04dc  [ DCF0D5DB91B09FC456225352CDFD7DE7, 1A6C8E00540F3317369DA1672BE1D5A2EC26A6866D7118ACFFA2987ED315B410 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
17:07:58.0980 0x04dc  STHDA - ok
17:07:59.0014 0x04dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
17:07:59.0037 0x04dc  stisvc - ok
17:07:59.0056 0x04dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
17:07:59.0063 0x04dc  swenum - ok
17:07:59.0082 0x04dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
17:07:59.0113 0x04dc  swprv - ok
17:07:59.0151 0x04dc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
17:07:59.0193 0x04dc  SysMain - ok
17:07:59.0208 0x04dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:07:59.0220 0x04dc  TabletInputService - ok
17:07:59.0230 0x04dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
17:07:59.0272 0x04dc  TapiSrv - ok
17:07:59.0294 0x04dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
17:07:59.0333 0x04dc  TBS - ok
17:07:59.0411 0x04dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
17:07:59.0465 0x04dc  Tcpip - ok
17:07:59.0502 0x04dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
17:07:59.0537 0x04dc  TCPIP6 - ok
17:07:59.0554 0x04dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
17:07:59.0562 0x04dc  tcpipreg - ok
17:07:59.0588 0x04dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
17:07:59.0612 0x04dc  TDPIPE - ok
17:07:59.0633 0x04dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
17:07:59.0641 0x04dc  TDTCP - ok
17:07:59.0681 0x04dc  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
17:07:59.0703 0x04dc  tdx - ok
17:07:59.0878 0x04dc  [ 8305FB462C325A67628E0556DF244B8B, 4ABD5D14E64BE07DD9332E39C3B902A40BD1E763A075F68F0048A7FAEB3019D5 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:07:59.0968 0x04dc  TeamViewer - ok
17:07:59.0998 0x04dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
17:08:00.0009 0x04dc  TermDD - ok
17:08:00.0054 0x04dc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
17:08:00.0074 0x04dc  TermService - ok
17:08:00.0096 0x04dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
17:08:00.0120 0x04dc  Themes - ok
17:08:00.0144 0x04dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
17:08:00.0166 0x04dc  THREADORDER - ok
17:08:00.0196 0x04dc  [ BDFC55C2389D23C7E36A627BD580EE98, E25CF1C01CF90B348333A0CBAF26F8F5751AE725E6059C35C492E00479105B70 ] tihub3          C:\windows\system32\drivers\tihub3.sys
17:08:00.0205 0x04dc  tihub3 - ok
17:08:00.0230 0x04dc  [ EBEDBC08C2E5EB4EC8E3DA4BF3D827B1, FC465EAF5C2E44F279B54B13C88ACCE565B1C9C6DDEB8D87FD0CD6CD3AA1AABC ] tixhci          C:\windows\system32\drivers\tixhci.sys
17:08:00.0242 0x04dc  tixhci - ok
17:08:00.0254 0x04dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
17:08:00.0293 0x04dc  TrkWks - ok
17:08:00.0342 0x04dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:08:00.0370 0x04dc  TrustedInstaller - ok
17:08:00.0406 0x04dc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
17:08:00.0417 0x04dc  tssecsrv - ok
17:08:00.0457 0x04dc  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
17:08:00.0483 0x04dc  TsUsbFlt - ok
17:08:00.0501 0x04dc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
17:08:00.0517 0x04dc  TsUsbGD - ok
17:08:00.0548 0x04dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
17:08:00.0597 0x04dc  tunnel - ok
17:08:00.0624 0x04dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
17:08:00.0633 0x04dc  uagp35 - ok
17:08:00.0648 0x04dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
17:08:00.0680 0x04dc  udfs - ok
17:08:00.0702 0x04dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
17:08:00.0726 0x04dc  UI0Detect - ok
17:08:00.0766 0x04dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
17:08:00.0774 0x04dc  uliagpkx - ok
17:08:00.0795 0x04dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
17:08:00.0818 0x04dc  umbus - ok
17:08:00.0835 0x04dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
17:08:00.0863 0x04dc  UmPass - ok
17:08:00.0888 0x04dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
17:08:00.0932 0x04dc  upnphost - ok
17:08:00.0961 0x04dc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
17:08:00.0974 0x04dc  usbccgp - ok
17:08:01.0014 0x04dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
17:08:01.0023 0x04dc  usbcir - ok
17:08:01.0040 0x04dc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
17:08:01.0063 0x04dc  usbehci - ok
17:08:01.0095 0x04dc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
17:08:01.0125 0x04dc  usbhub - ok
17:08:01.0152 0x04dc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
17:08:01.0163 0x04dc  usbohci - ok
17:08:01.0184 0x04dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
17:08:01.0198 0x04dc  usbprint - ok
17:08:01.0229 0x04dc  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\windows\system32\DRIVERS\usbser.sys
17:08:01.0247 0x04dc  usbser - ok
17:08:01.0270 0x04dc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
17:08:01.0283 0x04dc  USBSTOR - ok
17:08:01.0304 0x04dc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
17:08:01.0325 0x04dc  usbuhci - ok
17:08:01.0342 0x04dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
17:08:01.0365 0x04dc  UxSms - ok
17:08:01.0378 0x04dc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\windows\system32\lsass.exe
17:08:01.0386 0x04dc  VaultSvc - ok
17:08:01.0410 0x04dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
17:08:01.0421 0x04dc  vdrvroot - ok
17:08:01.0442 0x04dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
17:08:01.0486 0x04dc  vds - ok
17:08:01.0504 0x04dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
17:08:01.0517 0x04dc  vga - ok
17:08:01.0529 0x04dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
17:08:01.0568 0x04dc  VgaSave - ok
17:08:01.0595 0x04dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
17:08:01.0606 0x04dc  vhdmp - ok
17:08:01.0636 0x04dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
17:08:01.0643 0x04dc  viaide - ok
17:08:01.0651 0x04dc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
17:08:01.0663 0x04dc  volmgr - ok
17:08:01.0679 0x04dc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
17:08:01.0693 0x04dc  volmgrx - ok
17:08:01.0703 0x04dc  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\windows\system32\drivers\volsnap.sys
17:08:01.0715 0x04dc  volsnap - ok
17:08:01.0737 0x04dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
17:08:01.0746 0x04dc  vsmraid - ok
17:08:01.0796 0x04dc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
17:08:01.0847 0x04dc  VSS - ok
17:08:01.0855 0x04dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
17:08:01.0869 0x04dc  vwifibus - ok
17:08:01.0889 0x04dc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
17:08:01.0918 0x04dc  W32Time - ok
17:08:01.0933 0x04dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
17:08:01.0941 0x04dc  WacomPen - ok
17:08:01.0968 0x04dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
17:08:02.0010 0x04dc  WANARP - ok
17:08:02.0013 0x04dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
17:08:02.0035 0x04dc  Wanarpv6 - ok
17:08:02.0086 0x04dc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
17:08:02.0144 0x04dc  wbengine - ok
17:08:02.0169 0x04dc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
17:08:02.0184 0x04dc  WbioSrvc - ok
17:08:02.0202 0x04dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
17:08:02.0235 0x04dc  wcncsvc - ok
17:08:02.0249 0x04dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:08:02.0269 0x04dc  WcsPlugInService - ok
17:08:02.0292 0x04dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
17:08:02.0300 0x04dc  Wd - ok
17:08:02.0360 0x04dc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
17:08:02.0401 0x04dc  Wdf01000 - ok
17:08:02.0421 0x04dc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
17:08:02.0441 0x04dc  WdiServiceHost - ok
17:08:02.0444 0x04dc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
17:08:02.0453 0x04dc  WdiSystemHost - ok
17:08:02.0479 0x04dc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
17:08:02.0492 0x04dc  WebClient - ok
17:08:02.0520 0x04dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
17:08:02.0545 0x04dc  Wecsvc - ok
17:08:02.0563 0x04dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
17:08:02.0586 0x04dc  wercplsupport - ok
17:08:02.0598 0x04dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
17:08:02.0620 0x04dc  WerSvc - ok
17:08:02.0641 0x04dc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
17:08:02.0664 0x04dc  WfpLwf - ok
17:08:02.0674 0x04dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
17:08:02.0685 0x04dc  WIMMount - ok
17:08:02.0700 0x04dc  WinDefend - ok
17:08:02.0703 0x04dc  WinHttpAutoProxySvc - ok
17:08:02.0747 0x04dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
17:08:02.0788 0x04dc  Winmgmt - ok
17:08:02.0861 0x04dc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
17:08:02.0908 0x04dc  WinRM - ok
17:08:02.0970 0x04dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
17:08:02.0989 0x04dc  WinUsb - ok
17:08:03.0019 0x04dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
17:08:03.0048 0x04dc  Wlansvc - ok
17:08:03.0175 0x04dc  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:08:03.0221 0x04dc  wlidsvc - ok
17:08:03.0241 0x04dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
17:08:03.0263 0x04dc  WmiAcpi - ok
17:08:03.0288 0x04dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
17:08:03.0299 0x04dc  wmiApSrv - ok
17:08:03.0319 0x04dc  WMPNetworkSvc - ok
17:08:03.0339 0x04dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
17:08:03.0374 0x04dc  WPCSvc - ok
17:08:03.0381 0x04dc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
17:08:03.0391 0x04dc  WPDBusEnum - ok
17:08:03.0412 0x04dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
17:08:03.0434 0x04dc  ws2ifsl - ok
17:08:03.0443 0x04dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
17:08:03.0467 0x04dc  wscsvc - ok
17:08:03.0469 0x04dc  WSearch - ok
17:08:03.0538 0x04dc  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\windows\system32\wuaueng.dll
17:08:03.0611 0x04dc  wuauserv - ok
17:08:03.0642 0x04dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
17:08:03.0693 0x04dc  WudfPf - ok
17:08:03.0734 0x04dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
17:08:03.0761 0x04dc  WUDFRd - ok
17:08:03.0786 0x04dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
17:08:03.0813 0x04dc  wudfsvc - ok
17:08:03.0849 0x04dc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
17:08:03.0870 0x04dc  WwanSvc - ok
17:08:03.0875 0x04dc  ================ Scan global ===============================
17:08:03.0893 0x04dc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:08:03.0979 0x04dc  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
17:08:03.0993 0x04dc  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
17:08:04.0016 0x04dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
17:08:04.0067 0x04dc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
17:08:04.0074 0x04dc  [ Global ] - ok
17:08:04.0075 0x04dc  ================ Scan MBR ==================================
17:08:04.0083 0x04dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:08:04.0158 0x04dc  \Device\Harddisk0\DR0 - ok
17:08:04.0159 0x04dc  ================ Scan VBR ==================================
17:08:04.0161 0x04dc  [ 8522DD43AF9278E860B9875A115585B2 ] \Device\Harddisk0\DR0\Partition1
17:08:04.0241 0x04dc  \Device\Harddisk0\DR0\Partition1 - ok
17:08:04.0278 0x04dc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
17:08:04.0278 0x04dc  \Device\Harddisk0\DR0\Partition2 - ok
17:08:04.0284 0x04dc  [ 690B03832330AE69CC3CBF6143384CC7 ] \Device\Harddisk0\DR0\Partition3
17:08:04.0350 0x04dc  \Device\Harddisk0\DR0\Partition3 - ok
17:08:04.0369 0x04dc  [ 48AA405F0338D59FC22ED65C52C66800 ] \Device\Harddisk0\DR0\Partition4
17:08:04.0370 0x04dc  \Device\Harddisk0\DR0\Partition4 - ok
17:08:04.0371 0x04dc  ================ Scan generic autorun ======================
17:08:04.0414 0x04dc  [ 0D997D69A624B2A04EED0B64F2092642, 67B34F6EDF0BA7C2C2BD11D6F8423FAB7AE6D7672220AACE31B632081EA25E35 ] C:\Program Files\IDT\WDM\beats64.exe
17:08:04.0464 0x04dc  BeatsOSDApp - ok
17:08:04.0465 0x04dc  SysTrayApp - ok
17:08:04.0619 0x04dc  [ 6C1D16D4275DBC2B4D05377BF9408319, 38443F6EDB2E4C0210BC8A157C0699E63450ED4F1CE5C2A8D45ACC7A6BB67314 ] C:\Program Files\AMD\CNext\CNext\cnext.exe
17:08:04.0710 0x04dc  StartCN - ok
17:08:04.0755 0x04dc  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:08:04.0772 0x04dc  avgnt - ok
17:08:04.0812 0x04dc  [ 257733A9EE4FFFC2842CE4F294367A9D, AE55D3FBB85D8754515BA1DFBDF86894000F722FA6CD5C4231174600727F2031 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
17:08:04.0819 0x04dc  Avira Systray - ok
17:08:04.0871 0x04dc  [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:08:04.0891 0x04dc  SunJavaUpdateSched - ok
17:08:04.0954 0x04dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:05.0023 0x04dc  Sidebar - ok
17:08:05.0036 0x04dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:05.0048 0x04dc  mctadmin - ok
17:08:05.0069 0x04dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:05.0094 0x04dc  Sidebar - ok
17:08:05.0098 0x04dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:05.0110 0x04dc  mctadmin - ok
17:08:05.0110 0x04dc  Waiting for KSN requests completion. In queue: 284
17:08:06.0110 0x04dc  Waiting for KSN requests completion. In queue: 284
17:08:07.0110 0x04dc  Waiting for KSN requests completion. In queue: 284
17:08:07.0876 0x06a0  Object required for P2P: [ 8305FB462C325A67628E0556DF244B8B ] TeamViewer
17:08:08.0110 0x04dc  Waiting for KSN requests completion. In queue: 84
17:08:09.0110 0x04dc  Waiting for KSN requests completion. In queue: 84
17:08:10.0110 0x04dc  Waiting for KSN requests completion. In queue: 84
17:08:10.0630 0x06a0  Object send P2P result: true
17:08:10.0638 0x06a0  Object required for P2P: [ AA3E844A2595B1AA5825C70CA50D963E ] wuauserv
17:08:11.0110 0x04dc  Waiting for KSN requests completion. In queue: 14
17:08:12.0110 0x04dc  Waiting for KSN requests completion. In queue: 14
17:08:13.0110 0x04dc  Waiting for KSN requests completion. In queue: 14
17:08:13.0393 0x06a0  Object send P2P result: true
17:08:13.0395 0x06a0  Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:08:14.0110 0x04dc  Waiting for KSN requests completion. In queue: 5
17:08:15.0110 0x04dc  Waiting for KSN requests completion. In queue: 5
17:08:16.0110 0x04dc  Waiting for KSN requests completion. In queue: 5
17:08:16.0137 0x06a0  Object send P2P result: true
17:08:17.0121 0x04dc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
17:08:17.0124 0x04dc  Win FW state via NFP2: disabled ( trusted )
17:08:19.0798 0x04dc  ============================================================
17:08:19.0798 0x04dc  Scan finished
17:08:19.0798 0x04dc  ============================================================
17:08:19.0803 0x0a30  Detected object count: 0
17:08:19.0803 0x0a30  Actual detected object count: 0
         

Alt 12.12.2015, 17:18   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Ist die Mail noch vorhanden bzw. kannst Du diese weiterleiten?

Schritt 1
Echtzeitschutz des Virenscanners abschalten.



Schritt 2
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 12.12.2015, 18:25   #6
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Die Mail ist schon gelöscht.
Hatte vier Fehlermeldungen bei ComboFix, Bilder im Anhang.


Code:
ATTFilter
ComboFix 15-12-12.01 - **** 12.12.2015  18:00:50.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8148.5420 [GMT 1:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\****\3083d5e4577040599401e338798487e5.jpg
c:\users\****\AppData\Local\Temp\7zS3986\HPSLPSVC64.DLL
c:\users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
-------\Service_HPSLPSVC
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-11-12 bis 2015-12-12  ))))))))))))))))))))))))))))))
.
.
2015-12-12 17:05 . 2015-12-12 17:05	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-12-12 13:13 . 2015-12-12 13:15	--------	d-----w-	C:\FRST
2015-12-12 00:05 . 2015-12-12 13:38	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-12 00:05 . 2015-12-12 00:05	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-12-12 00:05 . 2015-12-12 00:05	--------	d-----w-	c:\programdata\Malwarebytes
2015-12-12 00:05 . 2015-10-05 08:50	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-12-12 00:05 . 2015-10-05 08:50	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-12-12 00:05 . 2015-10-05 08:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-12-06 14:15 . 2015-12-06 14:15	--------	d-----w-	c:\users\****\AppData\Roaming\library_dir
2015-12-06 14:14 . 2015-12-06 14:24	--------	d-----w-	c:\users\****\AppData\Roaming\Raptr
2015-12-06 14:14 . 2015-12-06 14:15	--------	d-----w-	c:\program files (x86)\Raptr
2015-12-06 14:14 . 2015-12-06 14:14	--------	d-----w-	c:\users\****\AppData\Local\AMD
2015-12-06 14:13 . 2015-12-06 14:13	--------	d-----w-	c:\program files (x86)\AMD
2015-12-06 14:06 . 2015-12-06 14:14	--------	d-----w-	c:\program files\AMD
2015-12-03 00:30 . 2015-12-03 00:30	--------	d-----w-	c:\users\****\AppData\Local\CrashRpt
2015-12-02 00:01 . 2015-12-02 00:01	--------	d-----w-	c:\users\****\AppData\Local\LogView Studio
2015-12-02 00:00 . 2015-12-02 00:00	--------	d-----w-	c:\program files (x86)\LogView Studio
2015-12-01 23:13 . 2015-12-01 23:14	--------	d-----w-	c:\users\****\AppData\Local\NETGEARGenie
2015-12-01 23:13 . 2015-12-01 23:13	369168	----a-w-	c:\windows\system32\wpcap.dll
2015-12-01 23:13 . 2015-12-01 23:13	35344	----a-w-	c:\windows\system32\drivers\npf.sys
2015-12-01 23:13 . 2015-12-01 23:13	106000	----a-w-	c:\windows\system32\packet.dll
2015-12-01 23:10 . 2015-12-01 23:10	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-11-18 13:18 . 2015-11-18 13:23	--------	d-----w-	c:\programdata\Easybits Magic Desktop for HP
2015-11-18 08:20 . 2015-11-18 08:20	118608	----a-w-	c:\windows\system32\amdave64.dll
2015-11-18 08:20 . 2015-11-18 08:20	110344	----a-w-	c:\windows\SysWow64\amdave32.dll
2015-11-18 08:20 . 2015-11-18 08:20	141792	----a-w-	c:\windows\system32\amdhcp64.dll
2015-11-18 08:20 . 2015-11-18 08:20	128384	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2015-11-18 08:20 . 2015-11-18 08:20	78432	----a-w-	c:\windows\system32\atimpc64.dll
2015-11-18 08:20 . 2015-11-18 08:20	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2015-11-18 08:20 . 2015-11-18 08:20	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2015-11-18 08:20 . 2015-11-18 08:20	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2015-11-18 08:20 . 2015-11-18 08:20	120656	----a-w-	c:\windows\system32\atiu9p64.dll
2015-11-18 08:19 . 2015-11-18 08:19	9017808	----a-w-	c:\windows\system32\atiumd6a.dll
2015-11-18 08:19 . 2015-11-18 08:19	10815664	----a-w-	c:\windows\system32\atiumd64.dll
2015-11-18 08:17 . 2015-11-18 08:17	296648	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2015-11-18 08:13 . 2015-11-18 08:13	23960064	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2015-11-18 08:08 . 2015-11-18 08:08	235008	----a-w-	c:\windows\system32\clinfo.exe
2015-11-18 08:08 . 2015-11-18 08:08	49984000	----a-w-	c:\windows\system32\amdocl64.dll
2015-11-18 08:02 . 2015-11-18 08:02	41510912	----a-w-	c:\windows\SysWow64\amdocl.dll
2015-11-18 07:58 . 2015-11-18 07:58	65024	----a-w-	c:\windows\system32\OpenCL.dll
2015-11-18 07:57 . 2015-11-18 07:57	59392	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-11-18 07:50 . 2015-11-18 07:50	27596288	----a-w-	c:\windows\system32\amdocl12cl64.dll
2015-11-18 07:49 . 2015-11-18 07:49	22348288	----a-w-	c:\windows\SysWow64\amdocl12cl.dll
2015-11-18 05:50 . 2015-11-18 05:50	677888	----a-w-	c:\windows\system32\amdlvr64.dll
2015-11-18 05:48 . 2015-11-18 05:48	562688	----a-w-	c:\windows\SysWow64\amdlvr32.dll
2015-11-18 05:46 . 2015-11-18 05:46	127488	----a-w-	c:\windows\system32\mantle64.dll
2015-11-18 05:46 . 2015-11-18 05:46	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2015-11-18 05:46 . 2015-11-18 05:46	6643200	----a-w-	c:\windows\system32\amdmantle64.dll
2015-11-18 05:14 . 2015-11-18 05:14	5223936	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2015-11-18 04:48 . 2015-11-18 04:48	96256	----a-w-	c:\windows\system32\mantleaxl64.dll
2015-11-18 04:48 . 2015-11-18 04:48	89088	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2015-11-18 04:05 . 2015-11-18 04:05	31376896	----a-w-	c:\windows\system32\atio6axx.dll
2015-11-18 03:43 . 2015-11-18 03:43	367104	----a-w-	c:\windows\system32\atiapfxx.exe
2015-11-18 03:43 . 2015-11-18 03:43	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2015-11-18 03:43 . 2015-11-18 03:43	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2015-11-18 03:43 . 2015-11-18 03:43	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2015-11-18 03:43 . 2015-11-18 03:43	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2015-11-18 03:43 . 2015-11-18 03:43	15711744	----a-w-	c:\windows\system32\aticaldd64.dll
2015-11-18 03:40 . 2015-11-18 03:40	25840128	----a-w-	c:\windows\SysWow64\atioglxx.dll
2015-11-18 03:40 . 2015-11-18 03:40	865280	----a-w-	c:\windows\system32\coinst_15.30.dll
2015-11-18 03:40 . 2015-11-18 03:40	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2015-11-18 03:32 . 2015-11-18 03:32	50688	----a-w-	c:\windows\system32\amdmmcl6.dll
2015-11-18 03:32 . 2015-11-18 03:32	39424	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2015-11-18 03:26 . 2015-11-18 03:26	442368	----a-w-	c:\windows\system32\atidemgy.dll
2015-11-18 03:26 . 2015-11-18 03:26	223744	----a-w-	c:\windows\system32\dgtrayicon.exe
2015-11-18 03:25 . 2015-11-18 03:25	162304	----a-w-	c:\windows\system32\atieah64.exe
2015-11-18 03:25 . 2015-11-18 03:25	145408	----a-w-	c:\windows\SysWow64\atieah32.exe
2015-11-18 03:25 . 2015-11-18 03:25	204800	----a-w-	c:\windows\system32\amdgfxinfo64.dll
2015-11-18 03:25 . 2015-11-18 03:25	189952	----a-w-	c:\windows\SysWow64\amdgfxinfo32.dll
2015-11-18 03:25 . 2015-11-18 03:25	31744	----a-w-	c:\windows\system32\atimuixx.dll
2015-11-18 03:25 . 2015-11-18 03:25	552448	----a-w-	c:\windows\system32\atieclxx.exe
2015-11-18 03:24 . 2015-11-18 03:24	246272	----a-w-	c:\windows\system32\atiesrxx.exe
2015-11-18 03:22 . 2015-11-18 03:22	190976	----a-w-	c:\windows\system32\atitmm64.dll
2015-11-18 02:58 . 2015-11-18 02:58	89088	----a-w-	c:\windows\system32\atisamu64.dll
2015-11-18 02:58 . 2015-11-18 02:58	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2015-11-18 02:54 . 2015-11-18 02:54	1272832	----a-w-	c:\windows\system32\atiadlxx.dll
2015-11-18 02:54 . 2015-11-18 02:54	941568	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2015-11-18 02:54 . 2015-11-18 02:54	941568	----a-w-	c:\windows\SysWow64\atiadlxx.dll
2015-11-18 02:54 . 2015-11-18 02:54	75776	----a-w-	c:\windows\system32\atig6pxx.dll
2015-11-18 02:54 . 2015-11-18 02:54	70144	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2015-11-18 02:54 . 2015-11-18 02:54	70144	----a-w-	c:\windows\system32\atiglpxx.dll
2015-11-18 02:54 . 2015-11-18 02:54	157696	----a-w-	c:\windows\system32\atig6txx.dll
2015-11-18 02:53 . 2015-11-18 02:53	142336	----a-w-	c:\windows\SysWow64\atigktxx.dll
2015-11-18 02:53 . 2015-11-18 02:53	671232	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2015-11-18 02:45 . 2015-11-18 02:45	195072	----a-w-	c:\windows\system32\hsa-thunk64.dll
2015-11-18 02:45 . 2015-11-18 02:45	174592	----a-w-	c:\windows\SysWow64\hsa-thunk.dll
2015-11-18 02:43 . 2015-11-18 02:43	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2015-11-14 12:43 . 2015-11-14 12:43	--------	d-----w-	c:\program files\Senselock
2015-11-14 12:43 . 2015-11-14 12:43	--------	d-----w-	c:\users\****\.AnyLogicUniversity
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-09 15:57 . 2012-06-15 00:12	796864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-09 15:57 . 2012-06-15 00:12	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-01 23:09 . 2014-01-20 05:04	110176	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 11:08 . 2013-08-07 07:40	75472	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-12-01 11:08 . 2013-08-07 07:40	162072	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-12-01 11:08 . 2013-08-07 07:40	140448	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-11-18 08:20 . 2012-12-25 19:45	133016	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2015-11-18 08:20 . 2012-09-28 01:11	152568	----a-w-	c:\windows\system32\atiuxp64.dll
2015-11-18 08:20 . 2012-02-14 13:12	102616	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2015-11-18 08:20 . 2012-02-14 14:17	1496736	----a-w-	c:\windows\system32\aticfx64.dll
2015-11-18 08:20 . 2012-12-25 19:45	1229984	----a-w-	c:\windows\SysWow64\aticfx32.dll
2015-11-18 08:20 . 2012-02-14 13:52	13189336	----a-w-	c:\windows\system32\atidxx64.dll
2015-11-18 08:20 . 2012-12-25 19:44	10907328	----a-w-	c:\windows\SysWow64\atidxx32.dll
2015-11-18 08:19 . 2012-09-28 01:22	8089248	----a-w-	c:\windows\SysWow64\atiumdva.dll
2015-11-18 08:19 . 2012-09-28 02:23	9070320	----a-w-	c:\windows\SysWow64\atiumdag.dll
2015-09-18 00:38 . 2015-09-18 00:38	96256	----a-w-	c:\windows\system32\drivers\AtihdW76.sys
2015-09-18 00:37 . 2015-09-18 00:37	103424	----a-w-	c:\windows\system32\DelayAPO.dll
2015-09-15 02:42 . 2015-09-15 02:42	0	----a-w-	c:\windows\SysWow64\REN904.tmp
2010-01-15 08:36 . 2013-07-15 19:56	75040	----a-w-	c:\program files (x86)\Common Files\SpeechUninstall.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-12-01 803200]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-14 190032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 15:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
"StartCN"="c:\program files\AMD\CNext\CNext\cnext.exe" [2015-11-18 4859592]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOSE05.00.00.01PRO"="B2A1C7A07AB1295CD932C0F95361349DEB8CCBA3BEA04C52E4B7FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808C038D530D6EB3452C038D530D6EB34528EDD5E5BE2F6E667A13C96BBE6B4B42C92B3DD54E2AA6586D788FBF2C8C0AA9448DF228F79780B970EE151CE1D9420AF8DA601FAC12D4A36C4FA6241121CF66F50ED2D4F92B6F6FEEDB17EAE7A52E6BC9B4CC781129DA4CABE99CA01224BD1076299AB54808974447E120D34184B12D6D300C06091DD6DF2D65303660353C859A888CB2EB33DC0CFA2FE2DE96EB12F7472AF3EBF64A3A353BFAD9F551F90E956ED72052201F01C82DE84D391DC095002D35F577D93F84C8353BF766A483048E225268CA42397CAAB5FC5BA9F25298A5DFC286429873CEA8F0B35257431B47CD96184DE65367B94926F785E3D6DC078D91331050C121E0D77875007F3F3F6A1065D033DBF3CB548F00268804541CF36BEE23E9A1CE5A43FAF8DE3C1218B21D82973AAABC99A37B574AD72A64A0FABE64659204B0919AA149F85D93CE55AB04479A718F14A9B4431402B89980F277CAE200B3E81B4A95CA3A3F8AC216123F80C9E1D7D1B3CEAF29369D9B3E38DC13E39EE2E146B32F43C888C1AEC60658EA15CB59B217A509AB039F93A8B5AF07944B2CA9DB1FB4D3FA0DF1D3CBEACF8A9A463D092D8A16921BD0370F2BF919A4BB04DBE58B967022FB1CD8DD55C7C56E3D056F29195689ED52C56BE4E90611F9BFCBE4781632A83516F770B058F8B6B92C96C184E576C3D78E39ACA3856E7C62EF6BF5A5F79003593A989B4883AD8DCEC84E0AA20B20DC229A2BDEDC47A868D303E0F5DDCDBECB3CA87B01E44CFA87E90CDF20D8551EF636C75AE77A9FBE0A5ADC7ED2B89FDB549AD0221CFBE5980DC7D4267931FF07A072D43E3A9BFECE0F01BDD22941867E57958661146A6F2AC3519578507B0E2DA49B84154B885F1348BCD1B74DADE334AF8C8D83AF0CACB3B7AA9511926240B017840FB7ECF9C48CB3E00F135B6DA0FF531634CDC349F2980D35C4D71A086E4201958D2E00D4BBB5C0C502532D0A741BFC0EF0CB9683B63931BC238E11B087B31E27BFA0281FAAFDF28C150C3C90A1EBFF798B51958DA66CEDECFD5C2AF7DF17141867A6A353B1992FC39DD43B5E91356DCED3BC4C4DDB252625D3B70EAE07C5ED3BA2EA5203B847624038F8D98D01DA3A963E00CE149DB7F9B2756C84DCE64BD6DBDC5C532528E5071CBF905EF6C528FCACE4341D7C30B7F344CE2B04D8608981619455DCAFAE9296628858FAA92D7C3616DCDBAC11A7C3C8C53758ED26F57B809BA030742D15D4DBD0C7095A9386B2D44DDC25331BA8065B4A3F3CF3A1158AFB672AC5E629AC24FE2D2C98446F859FE7C23B869293BFAEDF6891A"
"OOSE06.00.00.01PRO"="40480E65DC60429622B70C446B8459C8838826A54852934E08A96DB1CB44E21B6E10717A2529D1B0D954E2E70907D597EDDD1FBB3C0BFCE3B9997B19E38D64C8FAC667A62B25FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407FEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67945F98AB2225D6097175BC89A5BC0F8497A4820B37A19AA9624D378521FC5174D96E1985DFF8D808D99C71886961BF582050BA8C0915309AF578D6E848C5AC8BDDE0D2FBE985DC03D576C1A7762D6F592FC020A15487849DE7C44D09F2553294262C0E57849C8D9335B8A51DCAC5C8209A907D0CF09466E738575655F15E74827C9497D599225B89286F1B1209663E771F309E0358E9E6E24B2330B2B8A244FC8EB63CA73411FB68C47A222577DC856259E6D4B0AACCDB2D67F29CF65FFBB8DCE90053F106F4E569838EBE677E0C17134C4BF8B5AA136117B8E463F0A1562E3106B2B14E6570D4F542B279602CE931745ECBE025BE2953A64D6ACEDFE031443D3867B34949B8CAAFC2426009338053205AA76D83728C56959A482DF61EA2DBF6BF883963CF158B68A96E83CF6A6DC2696D747ECE74D24D51761B525E03D09E88BB53A613B9669DA702B9F61749640AD3AA1A797416A1E5FA1C4D13325C7975D0B0DB62406A9ACE29B6FBD334EFAAF5188857C858D0350C68ACA2CB03186C11620609D8C7ECB8AE5D1AE1B7711E9B16A162BA59503E5CF1A32AAF59D4CB0EE4050A15797B6DD991E6636A410D3CA3C091742A1F289D7A1069FB601F9EAE56A6B0EB0EB71F3C2B8E1DA96916B8D24790BDE2DE0C9FD1079C2C6EEF85CC1B52511640590C6ECEEC838CEB07DE9A8E1B60AC33E49CE7E08C1990AFF275401421A5167FAAF013BD769074893EC84D444AD19BD09DCDAAF6AA46EF544CDCCD3BF7A648078EE530462F18474A6083DD67924BFA89BCA17F62152B58D337303A591E1AF695E2EF5AC895432ED68FC4CE1347F3708E4B9B789593118B08C065C4D9718C21CFDB9699CB39FD82BBC4449505CCBB547827C817290085FEB14CF69B4D604CF8BF7FE36DF5C179D6EA4B3F9D9E9E5031C080B352D54BDB5B748DE2E3E6F06CE3CFA7694415E6A9EB3AC276C3E5CBA9C945DB70967B76AA7FD58FAD347E3A45FDD004B9059A7744BA629E2EDA85740091491292C11E9ACAFBC3305B1A9169F016F8176C079AD2496E80A72E274B51D031724FB4266262DA960BA0F9953E3ECDACDE379E984FEDF5E617F944E5A7ABDB844B16750D158D3D49E1E69599488C81F97E11EDF913D4CE368A82C1C1B1E0289EC3B9752FA4ED1841DD5CC08E993E70673AA17F61E9231E262588F9DE24E3FDC0ABE359BCA26CD45FF9B014D0BB4D481555BB7976F609EC31942246"
"OOSE07.00.00.01PRO"="191B7B2C4B2649F1FAE05C9DBE630C0D95A9B7E2850684A5E39585925607809C6BAEC7B752A556CB0A0E29FA9F29069B4C4C2710857F74D7593ED401A2A3AFE27009AA3E2F53C62CEE005D82CE9D2B82ED58568B7136B0A9EAA7299C489E8BCF04B2A7514820EBC0409281C4B9161EF96B20EB82DF814C8201B866CFA6F53718A6CA09BBE4CE99ACB53ADC86B43A04B4D48CD1554E10DBBEA66EBAB6827DD9647E01D7F5B377A984AFF9FCC0F30786D1E396B69B1B647A2D8C59932603DB20D153FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A6A0AC4980AC7933FEBC9E127BECC74CA6171C11EC38DE3DEBA6FCCC7E7E19B6A40DE7DAEF34CFB7A32C4D9E31B5B7F73DFE5F908FFCCD42D324731D093605CA16A0C0573D8A75AB9329F5BD9B6CD5EE1C871D05F38BCA2B6D0253044EC00029385FC8210F1919256D7298D2716D68905D38EAB9528481752E886B3AC64E13DB95D38CB583A58F45EEEF9CC818ACB13795F82CA0F32E42D49CC03B5BC195B78D4AC5497B8FF6A251694D9EEB462467DF6979F88FF352CFA0D4F7F9E45FD2E10E05C6F1BAF7D710B241FBEDED09CDB42D95A79E41433DE05284C112BB17C2F1528BA8AD9ED89907F472AE8CE3BF2DB6E4653A9E5428419F09EFF31EA731A842F0B58256389F0F2E49075EB3C79CC480F0BCAAABCABA34AC896F28F152CBCC9DA570307A7D100E1E062247CD76A91F17DF1136308B66EF1BB76B3D934D5878C451BAD05DC440F46322F8E87A3141C6F3626EDB4760ED516FA1E554B98A9E796B782947744A1CA2FE3C53878E1E934D854EF06441F7E43BA77471D454613623B94164BA6AB0607AE69411AB1046A3C82F9F4DD52364B3133102B4E7050E0ECC4B782A951F7A2263838F21A13C974B4FC57146FE269D99C1EFC3EA7C1FAF6751318E47882490C6CAB1B50A79006234801308397036FB24343A5364C42E49580E6E17A2853FBF0A1E4335E407805D607A56C6937EF2BE3ADD5B6F04366EC24B66FA48B4446BB7F8537BDEDE629620A0E13FBAD6C433091434137BC00B5367FBC0C3010840580DF8DF16A638E7CA2A1E61778F1A9E7DE0BEAF12FD25C17F667D08283FBDB7E6383E413D26C7B85EDAD5A4151888AC8EAE9ACE82A1D19C4FD2362A7C278AAEAF16D4F6141AF637C579955B29C9DD555844DB92FCB579214F255F1B0901366B7A669B83AE63C10D262E833C34BE6EC0FDD10C81912DE31AC0B8075108389CF9C7CDC46F958739A4DC87157D2DB49FDDD76E0825439FEB94984B8D46AC5DAFA8CAD5D745472E0530F87417DD7D8DEC5BF213808A884600E40102AAF997A3F10B68E82F9634A45B223E4DA89D034FE23090207A43CD01A59F58E2E6EDE3E27CF83B59F8F4C1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-12-12  18:16:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-12-12 17:16
.
Vor Suchlauf: 15 Verzeichnis(se), 593.903.407.104 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 593.174.347.776 Bytes frei
.
- - End Of File - - CDFFBA524FA1061448BB0AF61190A8A6
5FB38429D5D77768867C76DCBDB35194
         
Miniaturansicht angehängter Grafiken
-dsc_0126.jpg   -dsc_0127.jpg   -dsc_0128.jpg   -dsc_0129.jpg  

Alt 12.12.2015, 18:30   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Routinescans:

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 12.12.2015, 19:22   #8
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Code:
ATTFilter
# AdwCleaner v5.024 - Bericht erstellt am 12/12/2015 um 18:43:41
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-12.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : **** - PC****
# Gestartet von : C:\Users\****\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [991 Bytes] ##########
         

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.12.2015
Suchlaufzeit: 18:48
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.12.04
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ****

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 375511
Abgelaufene Zeit: 24 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Code:
ATTFilter
LastRegBack: 2015-12-10 16:04

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-12 19:16:18)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version:  - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version:  - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

29-11-2015 00:00:01 Geplanter Prüfpunkt
06-12-2015 01:14:36 Geplanter Prüfpunkt
06-12-2015 15:06:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
06-12-2015 15:09:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
12-12-2015 17:59:01 ComboFix created restore point

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-12-12 18:10 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-12 18:45 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 06:51:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 06:47:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 06:46:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 06:46:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 06:13:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/12/2015 06:11:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


Systemfehler:
=============
Error: (12/12/2015 06:47:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/12/2015 06:46:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 06:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 06:44:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/12/2015 06:44:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/12/2015 06:44:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/12/2015 06:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-12 18:05:26.824
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-12-12 18:05:26.779
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 6235.82 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13835.99 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:552.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 12.12.2015, 19:24   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



OK, jetzt bitte Suchscan mit ESET:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 12.12.2015, 21:22   #10
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Hier der Log, Avira hat auch gemeckert...

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# end=init
# utc_time=2015-12-12 06:46:50
# local_time=2015-12-12 07:46:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27167
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# end=updated
# utc_time=2015-12-12 06:48:33
# local_time=2015-12-12 07:48:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=63908c7e8d0f9c4386ac8011505e8347
# engine=27167
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-12 08:19:31
# local_time=2015-12-12 09:19:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 573995 201581421 0 0
# scanned=232530
# found=9
# cleaned=0
# scan_time=5458
sh=C3DEFA5E775E1CE7EEA8FAE67FA3E504A513DF4F ft=1 fh=eb3ef09612dbcc7f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir"
sh=7F80338F92F336DF2F747EE304EA99F98733D7EF ft=1 fh=a20bcc0e72d988a6 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir"
sh=34560DDE92CC541AE16932D02887F5CE880DC4C8 ft=1 fh=e95166d450b773b3 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir"
sh=1C88A7C4FD5E9BBE5F558AB731149EC1E59A67AC ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ffsearch_toolbar!1.0.0.1031.xpi.vir"
sh=A71D8EBDBF6DB1BF2092D520DBD79481F74F141C ft=1 fh=e8458438005d3d26 vn="Variante von Win32/ELEX.DK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir"
sh=948691DF20AD5F76AEBE6CE8DBA1F967C8B6BD0F ft=1 fh=fe4bd6b5ea25d889 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir"
sh=30A0B06E5FCAD6ED80904CCE0D7E1381168083DB ft=1 fh=294b55fbb91ab494 vn="Variante von Win32/ELEX.EE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir"
sh=71D99FDEF48B6FDB438667909B2890E1EE58F983 ft=1 fh=ee8c3f688aac34ed vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\SWSETUP\APP\Applications\Corel\WinZipTrial\16.0\src\winzip160.exe"
         
Miniaturansicht angehängter Grafiken
-avira.jpg   -avira2.jpg  

Alt 13.12.2015, 09:34   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Zu Avira sag ich besser nichts...

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 13.12.2015, 11:38   #12
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Hallo,
wie meinst du? sollte ich einen anderen Virenschutz nehmen?
Direkt Probleme mit dem PC gab/gibt es nicht, ist er jetzt sicher? Oder war er garnicht wirklich infiziert? Der Online Scanner hat ja 9 Sachen gefunden oder sind die harmlos?

Danke

Alt 13.12.2015, 16:32   #13
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Die Funde sind irrelevant weil Quarantäne oder PUP.

Bitte noch ein frisches FRST-Log bevor wir dann fertig sind:

Schritt 1



Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 13.12.2015, 16:41   #14
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Ok, hier die Logs

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015
durchgeführt von **** (Administrator) auf PC**** (13-12-2015 16:34:40)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D321F810-E538-462A-886F-625BD4CA29E7}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {37B249E7-83C0-40D6-A5CC-180519CC846A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1995632801-4156762099-2201499591-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-18] ()
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Downloads Window - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2015-09-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ad9t3kb0.default-1386566844496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-13 16:34 - 2015-12-13 16:34 - 00016710 _____ C:\Users\****\Desktop\FRST.txt
2015-12-12 18:38 - 2015-12-12 18:38 - 01738240 _____ C:\Users\****\Desktop\AdwCleaner_5.024.exe
2015-12-12 18:21 - 2015-12-12 19:53 - 00000000 ____D C:\Users\****\Desktop\combofix
2015-12-12 18:16 - 2015-12-12 18:16 - 00030558 _____ C:\ComboFix.txt
2015-12-12 17:58 - 2015-12-12 18:16 - 00000000 ____D C:\Qoobox
2015-12-12 17:58 - 2015-12-12 18:14 - 00000000 ____D C:\windows\erdnt
2015-12-12 17:58 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2015-12-12 17:58 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2015-12-12 17:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2015-12-12 17:58 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2015-12-12 17:56 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-12-12 17:56 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-12-12 17:56 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-12-12 17:56 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-12-12 17:55 - 2015-12-12 17:56 - 05640685 ____R (Swearware) C:\Users\****\Desktop\ComboFix.exe
2015-12-12 17:55 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-12 17:55 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-12 17:55 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-12 17:55 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-12 17:06 - 2015-12-12 17:14 - 00204710 _____ C:\TDSSKiller.3.1.0.8_12.12.2015_17.06.39_log.txt
2015-12-12 17:05 - 2015-12-12 17:05 - 04676456 _____ (Kaspersky Lab ZAO) C:\Users\****\Desktop\tdsskiller.exe
2015-12-12 14:13 - 2015-12-13 16:34 - 00000000 ____D C:\FRST
2015-12-12 14:07 - 2015-12-12 14:07 - 02369536 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-12-12 01:05 - 2015-12-12 18:48 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-12 01:05 - 2015-12-12 01:05 - 00001068 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-12 01:05 - 2015-12-12 01:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-12 01:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-12-12 01:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-12-11 23:13 - 2015-12-12 03:32 - 00000000 ____D C:\Users\****\Desktop\Kollegah-Zuhaeltertape - Volume_4
2015-12-06 16:17 - 2015-12-12 19:12 - 00000000 ____D C:\Users\****\Desktop\Eminem - Detroit King
2015-12-06 15:21 - 2015-12-06 15:21 - 00004230 _____ C:\windows\System32\Tasks\AMD Updater
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\Users\****\AppData\Roaming\library_dir
2015-12-06 15:15 - 2015-12-06 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-06 15:14 - 2015-12-06 15:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Raptr
2015-12-06 15:14 - 2015-12-06 15:15 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\Users\****\AppData\Local\AMD
2015-12-06 15:14 - 2015-12-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-06 15:13 - 2015-12-06 15:13 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-06 15:06 - 2015-12-06 15:14 - 00000000 ____D C:\Program Files\AMD
2015-12-06 15:04 - 2015-12-06 15:04 - 04947168 _____ (Advanced Micro Devices, Inc.) C:\Users\****\Desktop\autodetectutility.exe
2015-12-05 16:17 - 2015-12-05 16:17 - 19917892 _____ C:\Users\****\bedienungsanleitung_telefonanlage_digitalisierungsbox_premium.pdf
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\Documents\Square Enix
2015-12-03 01:30 - 2015-12-03 01:30 - 00000000 ____D C:\Users\****\AppData\Local\CrashRpt
2015-12-02 01:35 - 2015-12-02 01:37 - 576022554 _____ C:\Users\****\Desktop\The.Waking.Ded.S06E08.Ger.Dub.WHRiP.XviD-FIJ.avi
2015-12-02 01:01 - 2015-12-02 01:01 - 00000000 ____D C:\Users\****\AppData\Local\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogView Studio
2015-12-02 01:00 - 2015-12-02 01:00 - 00000000 ____D C:\Program Files (x86)\LogView Studio
2015-12-02 00:13 - 2015-12-02 00:14 - 00000000 ____D C:\Users\****\AppData\Local\NETGEARGenie
2015-12-02 00:13 - 2015-12-02 00:13 - 00369168 _____ (CACE Technologies, Inc.) C:\windows\system32\wpcap.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00106000 _____ (CACE Technologies, Inc.) C:\windows\system32\packet.dll
2015-12-02 00:13 - 2015-12-02 00:13 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2015-11-28 18:57 - 2015-11-13 22:16 - 1506175152 _____ C:\Users\****\Desktop\Knock.Out.UNCUT.avi
2015-11-27 17:42 - 2015-11-27 17:42 - 00123056 _____ C:\Users\****\Desktop\spirit-fw-1.3.2.4df
2015-11-18 14:18 - 2015-11-18 14:23 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP
2015-11-18 09:20 - 2015-11-18 09:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2015-11-18 09:20 - 2015-11-18 09:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2015-11-18 09:19 - 2015-11-18 09:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2015-11-18 09:17 - 2015-11-18 09:17 - 00296648 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2015-11-18 09:13 - 2015-11-18 09:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2015-11-18 09:08 - 2015-11-18 09:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2015-11-18 09:08 - 2015-11-18 09:08 - 00235008 _____ C:\windows\system32\clinfo.exe
2015-11-18 09:02 - 2015-11-18 09:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2015-11-18 08:58 - 2015-11-18 08:58 - 00065024 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-11-18 08:57 - 2015-11-18 08:57 - 00059392 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-11-18 08:50 - 2015-11-18 08:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl12cl64.dll
2015-11-18 08:49 - 2015-11-18 08:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl12cl.dll
2015-11-18 06:50 - 2015-11-18 06:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2015-11-18 06:48 - 2015-11-18 06:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2015-11-18 06:46 - 2015-11-18 06:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2015-11-18 06:14 - 2015-11-18 06:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\SysWOW64\atiapfxx.blb
2015-11-18 05:08 - 2015-11-18 05:08 - 00683960 _____ C:\windows\system32\atiapfxx.blb
2015-11-18 05:05 - 2015-11-18 05:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2015-11-18 04:43 - 2015-11-18 04:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2015-11-18 04:43 - 2015-11-18 04:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2015-11-18 04:40 - 2015-11-18 04:40 - 00865280 _____ (AMD) C:\windows\system32\coinst_15.30.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2015-11-18 04:32 - 2015-11-18 04:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2015-11-18 04:27 - 2015-11-18 04:27 - 03437632 _____ C:\windows\system32\atiumd6a.cap
2015-11-18 04:26 - 2015-11-18 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2015-11-18 04:26 - 2015-11-18 04:26 - 00223744 _____ C:\windows\system32\dgtrayicon.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00552448 _____ (AMD) C:\windows\system32\atieclxx.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00204800 _____ C:\windows\system32\amdgfxinfo64.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00189952 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 04:25 - 2015-11-18 04:25 - 00162304 _____ C:\windows\system32\atieah64.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00145408 _____ C:\windows\SysWOW64\atieah32.exe
2015-11-18 04:25 - 2015-11-18 04:25 - 00031744 _____ (AMD) C:\windows\system32\atimuixx.dll
2015-11-18 04:24 - 2015-11-18 04:24 - 00246272 _____ (AMD) C:\windows\system32\atiesrxx.exe
2015-11-18 04:22 - 2015-11-18 04:22 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2015-11-18 04:10 - 2015-11-18 04:10 - 03471376 _____ C:\windows\SysWOW64\atiumdva.cap
2015-11-18 03:58 - 2015-11-18 03:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2015-11-18 03:58 - 2015-11-18 03:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2015-11-18 03:54 - 2015-11-18 03:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2015-11-18 03:53 - 2015-11-18 03:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2015-11-18 03:53 - 2015-11-18 03:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00195072 _____ C:\windows\system32\hsa-thunk64.dll
2015-11-18 03:45 - 2015-11-18 03:45 - 00174592 _____ C:\windows\SysWOW64\hsa-thunk.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2015-11-14 13:43 - 2015-11-14 13:43 - 00000000 ____D C:\Users\****\.AnyLogicUniversity
2015-11-13 15:33 - 2015-11-24 06:09 - 00000000 ____D C:\Users\****\Desktop\twd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-13 15:57 - 2012-08-04 13:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-13 13:11 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-13 12:39 - 2012-06-15 00:44 - 18166598 _____ C:\windows\system32\perfh007.dat
2015-12-13 12:39 - 2012-06-15 00:44 - 05656762 _____ C:\windows\system32\perfc007.dat
2015-12-13 12:39 - 2009-07-14 06:13 - 00006504 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-13 12:39 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-13 12:39 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-13 12:33 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-13 12:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-13 12:11 - 2015-06-05 14:37 - 00000000 ____D C:\AdwCleaner
2015-12-12 19:13 - 2012-07-19 14:49 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E6CFB42A-8A13-45D3-BB3C-832EB88BB857}
2015-12-12 19:12 - 2012-07-23 23:13 - 00000000 ____D C:\Users\****\AppData\Roaming\Mp3tag
2015-12-12 18:10 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini
2015-12-12 18:09 - 2009-07-14 03:34 - 00524288 _____ C:\windows\system32\config\DEFAULT.bak
2015-12-12 18:09 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-12-12 18:09 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SAM.bak
2015-12-12 18:08 - 2009-07-14 03:34 - 44564480 _____ C:\windows\system32\config\components.bak
2015-12-12 18:05 - 2012-07-19 14:44 - 00000000 ____D C:\Users\****
2015-12-12 18:05 - 2009-07-14 06:32 - 00000000 ____D C:\windows\Downloaded Program Files
2015-12-12 17:57 - 2012-08-07 11:31 - 00000000 ____D C:\Users\****\AppData\Local\ElevatedDiagnostics
2015-12-12 01:19 - 2013-02-25 23:13 - 00000000 ____D C:\Users\****\Office 2010 Activator v1.4.1.0
2015-12-12 00:26 - 2012-07-22 18:54 - 00000000 ____D C:\Users\****\AppData\Roaming\vlc
2015-12-09 19:50 - 2012-07-22 18:30 - 00000000 ____D C:\Users\****\Desktop\musik
2015-12-09 16:57 - 2012-08-04 13:57 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 16:57 - 2012-06-15 01:12 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:57 - 2012-06-15 01:12 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 15:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2015-12-06 15:09 - 2013-12-05 04:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-06 15:06 - 2012-12-25 20:57 - 00000000 ____D C:\AMD
2015-12-06 15:05 - 2012-11-13 15:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 00:02 - 2013-08-11 15:10 - 00000000 ____D C:\Users\****\Desktop\modellbau
2015-12-02 01:00 - 2013-04-05 19:42 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-02 00:53 - 2015-02-18 16:51 - 00000000 ____D C:\HELI-X6
2015-12-02 00:17 - 2015-10-04 20:51 - 00000000 ____D C:\Program Files (x86)\Spirit Settings
2015-12-02 00:17 - 2015-01-24 02:04 - 00001112 _____ C:\Users\Public\Desktop\Spirit Settings.lnk
2015-12-02 00:17 - 2014-09-08 12:30 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spirit Settings.lnk
2015-12-02 00:11 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Oracle
2015-12-02 00:10 - 2015-01-03 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-02 00:10 - 2014-01-20 06:04 - 00000000 ____D C:\Program Files\Java
2015-12-02 00:10 - 2014-01-20 05:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-02 00:10 - 2013-10-10 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-02 00:09 - 2015-09-15 03:41 - 00000000 ____D C:\Users\****\.oracle_jre_usage
2015-12-02 00:09 - 2014-01-20 06:04 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-12-01 12:09 - 2013-08-07 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 12:08 - 2013-08-07 08:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-01 12:08 - 2013-08-07 08:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-11-28 18:37 - 2012-07-24 13:31 - 00000000 ____D C:\Users\****\AppData\Local\CrashDumps
2015-11-27 21:23 - 2015-04-19 18:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-23 07:03 - 2012-06-15 01:06 - 00000000 ____D C:\ProgramData\Temp
2015-11-23 06:57 - 2014-02-11 14:05 - 00000000 ____D C:\Users\****\Documents\RealFlight 7
2015-11-18 18:14 - 2015-10-17 18:13 - 00000000 ____D C:\Users\****\Desktop\Scandal
2015-11-18 09:20 - 2012-12-25 20:45 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2015-11-18 09:20 - 2012-12-25 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2015-11-18 09:20 - 2012-12-25 20:44 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2015-11-18 09:20 - 2012-09-28 02:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2015-11-18 09:20 - 2012-02-14 15:17 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2015-11-18 09:20 - 2012-02-14 14:52 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2015-11-18 09:20 - 2012-02-14 14:12 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2015-11-18 09:19 - 2012-09-28 03:23 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2015-11-18 09:19 - 2012-09-28 02:22 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2015-11-13 03:26 - 2015-10-29 23:31 - 00000000 ____D C:\Users\****\Desktop\2 Broke Girls - Staffel 4

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-07-15 20:56 - 2010-01-15 09:36 - 0075040 _____ () C:\Program Files (x86)\Common Files\SpeechUninstall.exe
2012-08-29 18:23 - 2013-10-28 06:23 - 0000676 _____ () C:\Users\****\AppData\Roaming\DriveCalculator Preferences
2012-07-19 15:37 - 2012-07-19 15:37 - 0000173 _____ () C:\Users\****\AppData\Local\msmathematics.qat.****
2013-07-12 18:57 - 2013-07-12 18:57 - 0000848 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2014-12-26 10:49 - 2014-12-26 10:49 - 0007605 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\****\adwcleaner_4.206.exe
C:\Users\****\HijackThis.exe
C:\Users\****\MP3QualityModifier.exe
C:\Users\****\TeamViewer_Setup_de.exe


Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 16:04

==================== Ende von FRST.txt ============================
         

Alt 13.12.2015, 16:42   #15
limit123
 
Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Standard

Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von **** (2015-12-13 16:35:59)
Gestartet von C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 13:44:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995632801-4156762099-2201499591-500 - Administrator - Disabled)
Gast (S-1-5-21-1995632801-4156762099-2201499591-501 - Limited - Disabled)
**** (S-1-5-21-1995632801-4156762099-2201499591-1000 - Administrator - Enabled) => C:\Users\****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
BRAIN (HKLM-x32\...\{53B883F4-11BB-4289-A790-4DF90FAA61A6}) (Version: 1.0.011 - MSHeli)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2023 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataExplorer (HKLM-x32\...\DataExplorer) (Version: 3.2.3 - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HELI-X 6 Demo (HKLM-x32\...\89A8AC8E-9F17-4D16-B924-A5868A0290FC_is1) (Version:  - Michael Schreiner)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Liftoff (HKLM-x32\...\Steam App 410340) (Version:  - LuGus Studios)
LogView Studio 1.0.3662.0903 (HKLM-x32\...\{DA180FFA-233E-4142-8E9C-A7562D261D9C}) (Version: 1.0.3662.0903 - logview.info)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
micro_swloader (HKLM-x32\...\{CF676CCE-F4B1-4F31-9AF8-A2F9B2B5E47F}) (Version: 1.0.0 - Graupner)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{A6903C5A-D90B-4877-A629-35436CAA62A3}) (Version: 12.0.00500 - Nero AG)
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.165 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
pean Engineering ViRA GUI (HKLM-x32\...\peanViRA) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{987A5C7B-C24E-4305-AB26-91B7466DC8D6}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Spirit Setings version 1.3.0 (HKLM-x32\...\Spirit Setings_is1) (Version: 1.3.0 - Spirit System)
Spirit Settings version 1.3.2 (HKLM-x32\...\Spirit Settings_is1) (Version: 1.3.2 - Spirit System)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1995632801-4156762099-2201499591-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

12-12-2015 17:59:01 ComboFix created restore point
13-12-2015 11:52:43 Windows Update
13-12-2015 12:30:53 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-12-12 18:10 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3C4C0669-CC05-4A15-8066-E59429FB371D} - System32\Tasks\{A537DF2E-536B-4052-B76F-5102B668C325} => pcalua.exe -a C:\Users\****\Desktop\HLC_1_setup.exe -d C:\Users\****\Desktop
Task: {3C7536F3-D88A-455A-A0E8-CD7ABA9C7830} - System32\Tasks\{677F7317-8AC4-4088-8516-A49FBD6B10AE} => pcalua.exe -a C:\Users\****\Desktop\sp57493.exe -d C:\Users\****\Desktop
Task: {44E3A3D3-02EF-4E76-B9F5-59CE569D6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {4757814F-4AEF-4C99-9F3C-A9FD68D78A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {58887A2E-34C4-4785-99AC-8446350D1EC5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {6A5E421C-3EC2-4E7A-A22D-7E0200A7B8E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {880DC1A5-9D5F-479D-AA19-AD406F55CF7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A4C7F641-1704-414A-A878-03079828899C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {AB8DFF6D-0E81-4CD5-BA48-9E0EAB97E964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B893EBF6-A7AD-47BC-A2B5-03E33AB34734} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D25217AC-ECF7-4169-B760-451487D96EE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {F4030DDB-6882-4786-A053-1FC01C509F0C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {F9A1A948-875D-4278-A37C-5FAACB012FE9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\****\Desktop\rcon.lnk -> C:\Users\****\722\reconnect.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-12 18:45 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-12-02 18:45 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-17 15:55 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-30 13:23 - 2015-12-10 21:11 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-10 17:35 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-02 18:45 - 2015-12-10 21:11 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-09-17 15:55 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-12-02 18:45 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-17 15:55 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:69E87FA2
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:A9967A61
AlternateDataStreams: C:\ProgramData\Temp:F4C624DE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1995632801-4156762099-2201499591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0CA4C219-D2FF-4925-A100-002A050A8347}] => (Allow) C:\windows\system32\ezSharedSvcHost.exe
FirewallRules: [TCP Query User{1F15562D-4477-4495-BF83-10CA4A51AE91}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A0E3B18B-C147-4F87-8476-EF9FDAFC2A9D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{10B9C4EE-5A02-40FF-AC60-FE010C187CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7ACEB367-9734-43B9-8D27-EECBFD3BE282}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A093E01C-8590-46FB-AC73-B1FA9D46FEE0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{1C71FA02-488B-4BBB-9C07-3CB10102F119}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{C6AB6512-6992-43A3-9786-218075074358}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F7AAE679-C5FD-408A-955C-E379472A191A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB28BF63-0D98-4632-ACB6-E1261CBC7155}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{74E6EBAF-8C06-4CFC-A2D8-38348FDEB5BA}C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files (x86)\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [TCP Query User{C38F944F-3CC4-4EAD-9032-A795D293F9ED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{67EDAE0E-1A4D-4DC6-B615-5865594E12C6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D533ACE1-703A-4F4E-8D79-DFC748CC5BF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0D363802-E3D8-47FB-BED6-4E5DD5136E09}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FF8F7D5-D4A6-48B0-846A-8EADC78F7F4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B0ED474-46F6-43EC-BC7A-108A40C706CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D37A6766-9BEE-44F5-9E78-F85A79E0B3CB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{ADE2E185-AA3C-42FE-80B2-0726539EEF6D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{BD2E5E50-A169-445A-AE85-0786FFB899BF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F4C9D4F1-B852-451A-9C4E-9F5EF0CDD567}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C3EB01E8-2610-4FCB-9757-C1CF67D46B97}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{8ACF6C73-622B-41AD-94F0-8F3752EDFE87}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7C3CBB65-C7A8-40CD-B86E-D090C5404E6A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{9146A497-5E21-4B26-94B8-293049A3C39E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B2520B06-0FB1-48C1-9F53-3E0B623372A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCFE86BD-DB5E-4651-88B9-BE7D70F2D229}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC2A9BA8-7C5F-497B-95FC-AFF8059A67FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{659F1755-810C-4E04-B206-1BB5950E45D5}] => (Allow) LPort=2869
FirewallRules: [{38C3A283-C44C-4DB9-8626-52320370A30D}] => (Allow) LPort=1900
FirewallRules: [{C862143F-9205-4FBD-AE3A-851C214D3A31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{574E5B55-57BA-4CBA-907A-3FB8ABDB3362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{1447A363-6092-4187-AA6B-FA9FE6C743D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{17CA7FB0-CAB0-4ADB-A015-29C1B335BD16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{5586DDD4-6179-4F16-BBC9-8BF7EB3FEB95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{BB564BCB-6B46-47A5-A064-DCFB8D0265C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E11033AF-AA39-43F8-8341-F0BF1D44C18E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{35D3EE86-2C67-4708-BD69-1C5E3A576D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7101A799-AFA9-45A3-A94C-F97E93203AF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{209E662D-1234-4A04-A133-83B8D0B915A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{62B884DC-097D-4674-B28F-530FCCD9BD6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{40CF2E32-BB56-4D09-9E85-67775B2CC5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{635B6BF8-48D1-4607-9141-494D12FF43D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D4BE28F-F714-4082-A955-C31C3B6A3D70}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DEDABECB-13DD-4663-B186-CB992384C136}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D717DC3-3015-45CE-B53F-03A890DA6FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A7642D2E-9A3C-4C8E-8C34-B839831C6EA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{585D20FF-FFFB-4A4F-95CE-79BE40130872}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{9B277FB6-FAC9-4A34-8142-CFF23005200F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{484B8FC8-6D5C-4B91-80B5-695DC099CFB2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FA187F3F-8067-466D-AE20-D89C1C0F0A3C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{324E9F23-921A-467D-9D8C-7B3C1401734A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5F12BEC-E121-47BC-A24F-100CC7652192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F98A6DA-0E4C-45AE-95D5-A5521676C57D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B71443F8-6917-47D9-AA2B-4F9DF604C604}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5CC183D8-E479-4E2F-A3B5-6054E535214D}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [UDP Query User{2A586386-019A-4812-9E1E-3BA53D3DDF3A}C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe] => (Allow) C:\users\****\desktop\modellbau\graupner hott\graupner_pc_software_de\firmware_upgrade_grstudio.exe
FirewallRules: [{869B0E7E-E2E1-49EA-A47C-E921427B3E95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D658E47-57C5-4C7E-B9FE-6C05E5033FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26FB34FD-F080-4650-A5D4-8DF7F8DA93B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2042A-C02F-432E-9239-0CAB8D9F3CF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{485E766C-9DAE-42B4-8540-8C21702ED382}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1751019A-0251-4890-A506-A449A634ACAE}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{A06914C2-2A3C-4C5A-B9CF-93D043C06B24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{26F3272A-FEDE-4824-B4CE-82725EBC85ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88039C32-0C27-45E1-BA65-533293612BB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7713BDBE-8451-4692-A95A-3A93BA995E39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1D7B712-D62D-48B0-9862-2CA82471F75F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2F5D914-C3F2-4775-8C9E-91F8978C53A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E9686FED-6C22-4FED-9D77-C8E038448C61}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [UDP Query User{1999BA5E-4B41-422B-9140-1C19F0980561}C:\program files\anylogic 7 personal learning edition\anylogic.exe] => (Block) C:\program files\anylogic 7 personal learning edition\anylogic.exe
FirewallRules: [TCP Query User{5F8353B4-062E-4578-9226-3D0B1E00792E}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [UDP Query User{5B0F36D9-1458-4F2F-AD37-57417A307214}C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe] => (Allow) C:\program files\anylogic 7 personal learning edition\jre\bin\java.exe
FirewallRules: [TCP Query User{4CFD5C25-C032-4987-A965-D5D2822074D7}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [UDP Query User{41EF9D8E-B5E4-49F9-8653-08D2F2CCD939}C:\program files (x86)\anylogic 6 university\anylogic.exe] => (Allow) C:\program files (x86)\anylogic 6 university\anylogic.exe
FirewallRules: [{C45A0356-E7DE-4656-B419-550E7C942D4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [{93CF18BD-410E-45DF-BE45-A993CF536A7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Liftoff\Liftoff.exe
FirewallRules: [TCP Query User{6FBEAB9C-59DA-4D74-B67D-9B7945AB8B30}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [UDP Query User{3E1FEF2A-A18F-47E8-ACDE-D1E4D6D1DEB2}C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe] => (Allow) C:\program files (x86)\hotprops\hotprops_data\game\hotprops.exe
FirewallRules: [{F52DF749-EB34-4F87-A374-3595A6F552D7}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows32\bin\mysqld.exe
FirewallRules: [{49E3AB20-6C8C-43DD-8FF1-F9C9A12E47BC}] => (Allow) C:\Program Files (x86)\LogView Studio\Database\mysql5.6\Windows64\bin\mysqld.exe
FirewallRules: [{CBCBA133-3DCB-40E1-8A8A-E26630DE5320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2A4A51CA-ED4B-4CC5-9842-2881FF9557B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{7E3E80F1-26D2-44FC-800D-0920C2FEC7CC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B053A559-73F0-4B63-B042-763E0DCD9696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE046801-F22D-4556-A0A8-82E9F699465D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D94F3F36-E469-4080-8E53-BD558D460601}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/13/2015 12:39:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (12/13/2015 12:34:53 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/13/2015 12:34:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/13/2015 12:34:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/13/2015 12:02:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/13/2015 12:02:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (12/13/2015 12:02:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x564
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3

Error: (12/13/2015 12:02:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
   bei System.Linq.Enumerable.First[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.String)
   bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.Collections.Generic.List`1<System.String>)
   bei Avira.OE.BrowserExtensionConnector.SafeSearchProductInfo.IsInstalled(Avira.OE.WinCore.Browser)
   bei Avira.OE.WinCore.BrowserInfo.GetBrowsersData(System.Func`2<Avira.OE.WinCore.Browser,Boolean>)
   bei Avira.OE.BrowserExtensionConnector.AviraSafeSearchStatusConnector.GetBrowserInfo()
   bei Avira.OE.ServiceHost.ComputerAndServicesInfo.SetPayloadForSafeSearch(Avira.OE.WinCore.Interface.DevCheckUpdatePayload)
   bei Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
   bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.CheckForUpdate()
   bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.OnRecurrentUpdateCheck(System.Object)
   bei System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.TimerQueueTimer.CallCallback()
   bei System.Threading.TimerQueueTimer.Fire()
   bei System.Threading.TimerQueue.FireNextTimers()
   bei System.Threading.TimerQueue.AppDomainTimerCallback()


Systemfehler:
=============
Error: (12/13/2015 12:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/13/2015 12:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/13/2015 12:34:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB3074550)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3086255)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3075226)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3081320)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3084135)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3112148)

Error: (12/13/2015 12:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB3097996)


CodeIntegrity:
===================================
  Date: 2015-12-12 18:05:26.824
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-12-12 18:05:26.779
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8148.01 MB
Verfügbarer physikalischer RAM: 6306.88 MB
Summe virtueller Speicher: 16294.23 MB
Verfügbarer virtueller Speicher: 13792.59 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:914.41 GB) (Free:557.48 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:16.88 GB) (Free:16.76 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 568CEE24)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Antwort

Themen zu Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4
.dll, administrator, anlage, antivir, auftrag, defender, dnsapi.dll, firefox, flash player, hijack, home, homepage, mozilla, mp3, programm, prozesse, registry, services.exe, software, tr/crypt.xpack.gen, tr/crypt.xpack.gen4, trojan, windows, winlogon.exe



Ähnliche Themen: Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4


  1. Mein antivir hat folgende virus gefunden:" tr/crypt.zpack.gen4 " kann ihn nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 01.02.2015 (7)
  2. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  3. Bin planlos. MS DOS emailanhang geöffnet!
    Plagegeister aller Art und deren Bekämpfung - 10.02.2014 (20)
  4. Windows 8: Rechnung.zip von vermeitlichen Telefonanbieter geöffnet und Antivir schlägt Alarm
    Log-Analyse und Auswertung - 18.12.2013 (13)
  5. Windows 7: zweifelhaften Emailanhang zip-Datei geöffnet
    Log-Analyse und Auswertung - 02.12.2013 (9)
  6. Win7: TR/Crypt.XPACK.Gen
    Log-Analyse und Auswertung - 08.10.2013 (3)
  7. Depp ^10 - emailAnhang *.zip geöffnet und MS-DOS Anwendung ausgeführt
    Plagegeister aller Art und deren Bekämpfung - 16.08.2013 (15)
  8. crypt.xpack.gen und ...gen8 über Emailanhang eingefangen
    Log-Analyse und Auswertung - 19.02.2013 (13)
  9. AntiVir hat folgede Viren gefunden: TR/Crypt.ZPACK.Gen2' & 'TR/Crypt.XPACK.Gen5' [trojan
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (33)
  10. TR/Reveton.ZT in Emailanhang geöffnet und Backdoor.Bot in autorun.exe
    Log-Analyse und Auswertung - 02.08.2012 (13)
  11. 'TR/Crypt.XPACK.Gen2' und 'Trojan.W32.Grumm ALARM' gefunden in C:\documents and setti
    Log-Analyse und Auswertung - 03.05.2010 (21)
  12. Antivir schlägt Alarm- Trojaner TR/Crypt.XPACK.Gen?
    Log-Analyse und Auswertung - 21.10.2009 (12)
  13. Trojaner TR/Crypt.XPACK.Gen? - Antivir schlägt Alarm
    Log-Analyse und Auswertung - 12.06.2009 (0)
  14. Antivir schlägt Alarm!: TR/Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 27.02.2009 (7)
  15. Antivir schlägt alarm TR/Crypt.XPACK.Gen
    Mülltonne - 12.11.2008 (0)
  16. TR/Crypt.ULPM.Gen und .crypt.xpack.gen von antivir gemeldet
    Log-Analyse und Auswertung - 27.09.2008 (1)
  17. Emailanhang von postcards@hallmark.com geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.08.2008 (25)

Zum Thema Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 - Hallo, gestern Abend habe ich einen Emailanhang "doc_fGDepjgooT.zip" heruntergeladen und die darin enthaltene Datei "doc.js" entpackt und angeklickt. Da der Absender ein Familienmitglied war hab ich das so nebenbei einfach - Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4...
Archiv
Du betrachtest: Win7: Emailanhang geöffnet - Antivir Alarm: TR/Crypt.XPACK.Gen4 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.