Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Wörter im Internet werden zu Links

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.04.2016, 20:33   #1
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Hallo zusammen,

Seit heute werden unregelmäßg einzelne Wörter eines Textes auf dem aktuell genutzten Tab im Firefox Browser (aktuelle Version: 42) zu Links, welche bei Mouse-over ein kleines Fenster mit entweder Werbung oder Verweis auf die z.B. ask.com Seite enthalten.

Im Forum gibt es bereits mehrere gleichlautende Beschreibungen. Die habe ich mir durchgelesen. Ihr schreibt immer man solle sich das Programm Farbar's Recovery Scan Tool (bei mir in der 64bit Version) auf den Desktop laden und ausführen wie beschrieben. Dies habe ich bereits getan und kann auch bei Bedarf die FRST.txt und die Addition.txt posten wenn gewünscht.

Im Voraus schon mal vielen Dank für Eure Mühen und Hilfen!

Gruß Fritz

Alt 01.04.2016, 23:03   #2
M-K-D-B
/// TB-Ausbilder
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 02.04.2016, 00:01   #3
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Hallo Matthias,
danke für die schnelle Antwort
Hier in mehreren Beiträgen die geforderten Logs:
FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Robert (Administrator) auf HOME-PC (01-04-2016 20:26:08)
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert & MSSQL$SQLEXPRESS (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(matt.malensek.net) C:\Program Files (x86)\3RVX\3RVX.exe
(Dekisoft) C:\Program Files (x86)\Monitor Off Utility\monoff.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Dropbox, Inc.) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\Serviio\bin\ServiioConsole.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13]
ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13]
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default
FF Homepage: hxxp://www.spiegel.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\") 

 (host == \"iview.abc.net.au\") 

 (host == \"iviewmetered-vh.akamaihd.net\") 

 (url.indexOf(\"proxmate=au\") != -1) 

 (host == \"livestream.com\") 

 (host == \"www.livestream.com\") 

 (host == \"api.new.livestream.com\") 

 (host == \"player.ooyala.com\") 

 (host == \"xnewsvidhd-vh.akamaihd.net\") 

 (host == \"www.animelab.com\") 

 (host == \"dcgm6i50yfgtk.cloudfront.net\")) { return 'PROXY au-node.proxmate.me:8008' } else if ((url.indexOf(\"proxmate=ca\") != -1) 

 (host == \"ici.tou.tv\") 

 (host == \"toutvuniver1-vh.akamaihd.net\") 

 (host == \"geoip.radio-canada.ca\") 

 (host == \"api.radio-canada.ca\") 

 (host == \"images.tou.tv\") 

 (host == \"player.siriusxm.ca\") 

 (host == \"primary.hls-streaming.production.streaming.siriusxm.ca\") 

 (host == \"now.sportsnet.ca\") 

 (host == \"watch.sportsnet.ca\") 

 (host == \"player.9c9media.com\") 

 (host == \"metrics.ctv.ca\") 

 (host == \"capi.9c9media.com\") 

 (host == \"www.ctv.ca\")) { return 'PROXY ca-node.proxmate.me:8008' } else if ((host == \"arte.tv\") 

 (host == \"www.arte.tv\") 

 (host == \"geoftv-a.akamaihd.net\") 

 (host == \"hdfauthftv-a.akamaihd.net\") 

 (host == \"replayftv-vh.akamaihd.net\") 

 (host == \"geoftv-a.akamaihd.net\") 

 (host == \"hdfauthftv-a.akamaihd.net\") 

 (host == \"replayftv-vh.akamaihd.net\") 

 (host == \"ftvingest-vh.akamaihd.net\") 

 (host == \"live.francetv.fr\") 

 (host == \"d8.tv\") 

 (host == \"www.d8.tv\") 

 (host == \"us-cplus-aka.canal-plus.com\") 

 (host == \"hds_live_d8_aka-lh.akamaihd.net\") 

 (host == \"d17.tv\") 

 (host == \"www.d17.tv\") 

 (host == \"hds_live_d17_aka-lh.akamaihd.net\") 

 (url.indexOf(\"proxmate=fr\") != -1) 

 (host == \"www.6play.fr\") 

 (host == \"geo.6cloud.fr\") 

 (host == \"proxy-021.dc3.dailymotion.com\") 

 (host == \"proxy-67.dailymotion.com\") 

 (host == \"prof.estat.com\") 

 (host == \"metrics.dailymotion.com\") 

 (host == \"www.dailymotion.com\") 

 (host == \"vmap.snappytv.com\")) { return 'PROXY fr-node.proxmate.me:8008' } else if ((host == \"vod-akamai-psd-hds.p7s1digital.de\") 

 (host == \"vas.sim-technik.de\") 

 (url.indexOf(\"proxmate=de\") != -1) 

 (host == \"nightclub.de\") 

 (host == \"zdf.de\") 

 (host == \"www.zdf.de\") 

 (host == \"zdf_hds_de-f.akamaihd.net\") 

 (host == \"api.nowtv.de\") 

 (host == \"delivestream-lh.akamaihd.net\") 

 (host == \"cdnapi.kaltura.com\") 

 (host == \"disneychannel.de\") 

 (host == \"www.southpark.de\")) { return 'PROXY de-node.proxmate.me:8008' } else if ((host == \"www.tg4.ie\") 

 (url.indexOf(\"proxmate=ie\") != -1)) { return 'PROXY ie-node.proxmate.me:8008' } else if ((host == \"rai.tv\") 

 (host == \"www.rai.tv\") 

 (host == \"mediapolis.rai.it\") 

 (host == \"www.rai.it\") 

 (host == \"stream5.rai.it\") 

 (host == \"stream6.rai.it\") 

 (host == \"stream7.rai.it\") 

 (host == \"sspushrai1-s.akamaihd.net\") 

 (host == \"sspushrai2-s.akamaihd.net\") 

 (host == \"sspushraisport2-s.akamaihd.net\") 

 (host == \"sspushrai3-s.akamaihd.net\") 

 (host == \"secondary.adaptiveedge.rai.it\") 

 (host == \"rai-italia01.wt-eu02.net\") 

 (host == \"download.rai.tv\") 

 (host == \"mediapolisvod.rai.it\") 

 (host == \"ww.rai.tv\") 

 (host == \".xuniplay.fdnames.com\") 

 (url.indexOf(\"xuniplay.fdnames.com\") != -1) 

 (host == \"se-to1-8.se.live3.msf.ticdn.it\") 

 (host == \"live.shinystat.com\") 

 (host == \"lic.mediaset.net\") 

 (host == \"cssr.video.mediaset.it\") 

 (url.indexOf(\"proxmate=it\") != -1) 

 (host == \"www.vvvvid.it\")) { return 'PROXY it-node.proxmate.me:8008' } else if ((host == \"telecinco.es\") 

 (host == \"telecinco1-vh.akamaihd.net\") 

 (host == \"www.telecinco.es\") 

 (url.indexOf(\"proxmate=es\") != -1) 

 (host == \"antena3.com\") 

 (host == \"www.antena3.com\") 

 (host == \"geodesprogresiva.antena3.com\") 

 (host == \"rtve.es\") 

 (host == \"www.rtve.es\") 

 (host == \"ztnr.rtve.es\") 

 (host == \"mvodt.lvlt.rtve.es\") 

 (host == \"swf.rtve.es\") 

 (host == \"cuatro.com\") 

 (host == \"www.cuatro.com\") 

 (host == \"cuatro1-vh.akamaihd.net\") 

 (host == \"peliculas-online.atresplayer.com\") 

 (host == \"servicios.atresplayer.com\") 

 (host == \"atresplayer.com\") 

 (host == \"www.atresplayer.com\") 

 (host == \"k.uecdn.es\") 

 (host == \"v.uecdn.es\") 

 (host == \"as.com\") 

 (host == \"ep00.epimg.net\")) { return 'PROXY es-node.proxmate.me:8008' } else if ((host == \"prosieben.ch\") 

 (host == \"www.prosieben.ch\") 

 (host == \"vas.sim-technik.de\") 

 (host == \"s1tv.ch\") 

 (host == \"www.s1tv.ch\") 

 (host == \"zba2-0-hds-live.zahs.tv\") 

 (host == \"embed-zattoo.com\") 

 (host == \"chtv.ch\") 

 (host == \"www.chtv.ch\") 

 (host == \"zba2-1-hds-live.zahs.tv\") 

 (host == \"sat1.ch\") 

 (host == \"www.sat1.ch\") 

 (host == \"rsi.ch\") 

 (host == \"www.rsi.ch\") 

 (host == \"codch-vh.akamaihd.net\") 

 (host == \"il.srgssr.ch\") 

 (host == \"ch.viva.tv\") 

 (host == \"intl.esperanto.mtvi.com\") 

 (url.indexOf(\"proxmate=ch\") != -1) 

 (host == \"zattoo.com\") 

 (host == \"www.srf.ch\") 

 (host == \"srgssruni1ch-lh.akamaihd.net\") 

 (host == \"srgssruni2ch-lh.akamaihd.net\") 

 (host == \"srgssruni3ch-lh.akamaihd.net\") 

 (host == \"www.teleboy.ch\") 

 (host == \"aka-cdn-ns.adtech.de\") 

 (host == \"teleboy.customers.cdn.iptv.ch\")) { return 'PROXY ch-node.proxmate.me:8008' } else if ((host == \"www.bbc.co.uk\") 

 (host == \"open.live.bbc.co.uk\") 

 (host == \"fig.bbc.co.uk\") 

 (host == \"vod-hds-uk-live.edgesuite.net\") 

 (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"www.bbc.co.uk\") 

 (host == \"fig.bbc.co.uk\") 

 (host == \"open.live.bbc.co.uk\") 

 (host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"vod-hds-uk-live.edgesuite.net\") 

 (host == \"vs-hds-uk-live.edgesuite.net\") 

 (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"c.brightcove.com\") 

 (host == \"secure.brightcove.com\") 

 (host == \"metrics.brightcove.com\") 

 (host == \"stv-ak.cds1.yospace.com\") 

 (host == \"core.stvfiles.com\") 

 (host == \"player.stv.tv\") 

 (host == \"stv.brightcove.com.edgesuite.net\") 

 (host == \"uk-dev-stv.cdn.videoplaza.tv\") 

 (host == \"mercury.itv.com\") 

 (host == \"www.itv.com\") 

 (host == \"itv.com\") 

 (host == \"llnw.live.btv.simplestream.com\") 

 (host == \"players.simplestream.com\") 

 (host == \"uapi.simplestream.com\") 

 (host == \"channel5.com\") 

 (host == \"wwwcdn.channel5.com\") 

 (host == \"cassie.channel5.com\") 

 (host == \"player.channel5.com\") 

 (host == \"deliver-hls.channel5.com\") 

 (host == \"akahls.channel5.com\") 

 (host == \"llnwhls.channel5.com\") 

 (host == \"milkshake.tv\") 

 (host == \"www.milkshake.tv\") 

 (host == \"trk-euwest.tidaltv.com\") 

 (host == \"mp.adverts.itv.com\") 

 (host == \"req.tidaltv.com\") 

 (host == \"s1.2mdn.net\") 

 (host == \"pes.itv.com\") 

 (host == \"ned.itv.com\") 

 (host == \"itvdotcom.2cnt.net\") 

 (host == \"tom.itv.com\") 

 (host == \"dave.uktv.co.uk\") 

 (host == \"uktvplay.uktv.co.uk\") 

 (host == \"uktvhdse.brightcove.com.edgesuite.net\") 

 (host == \"admin.brightcove.com\") 

 (host == \"really.uktv.co.uk\") 

 (host == \"yesterday.uktv.co.uk\") 

 (host == \"drama.uktv.co.uk\") 

 (host == \"live.tvplayer.com\") 

 (host == \"tvplayer.com\") 

 (host == \"sapi.tvplayer.com\") 

 (host == \"api.tvplayer.com\") 

 (host == \"www.gamefront.com\") 

 (url.indexOf(\"proxmate=uk\") != -1) 

 (host == \"channel4.com\") 

 (host == \"ais.channel4.com\") 

 (host == \"pandr.my.channel4.com\") 

 (host == \"all4nav.channel4.com\") 

 (host == \"4id.channel4.com\")) { return 'PROXY uk-node.proxmate.me:8008' } else if ((host == \"link.theplatform.com\") 

 (host == \"discidevflash-f.akamaihd.net\") 

 (host == \"api.geoip.dp.discovery.com\") 

 (host == \"vidtech.cbsinteractive.com\") 

 (host == \"vidtech.cbsima.com\") 

 (host == \"om.cbsi.com\") 

 (host == \"media.mtvnservices.com\") 

 (host == \"api-manga.crunchyroll.com\") 

 (host == \"crunchyroll.com\") 

 (host == \"www.crunchyroll.com\") 

 (host == \"cdn.wwtv.warnerbros.com\") 

 (host == \"hlsioscwtv.warnerbros.com\") 

 (host == \"media.cwtv.com\") 

 (host == \"servicesaetn-a.akamaihd.net\") 

 (host == \"live.mlssoccer.com\") 

 (host == \"tvewnbc-i.akamaihd.net\") 

 (host == \"tvenbceast-i.akamaihd.net\") 

 (host == \"nbcmpx-vh.akamaihd.net\") 

 (host == \"www.pandora.com\") 

 (host == \"video.pbs.org\") 

 (host == \"ga.video.cdn.pbs.org\") 

 (host == \"urs.pbs.org\") 

 (host == \"play.spotify.com\") 

 (host == \"www.spotify.com\") 

 (host == \"play.spotify.edgekey.net\") 

 (host == \"www.iheart.com\") 

 (host == \"api2.iheart.com\") 

 (host == \"api.iheart.com\") 

 (host == \"iheart.com\") 

 (host == \"nick.mtvnimages.com\") 

 (host == \"sni-vh.akamaihd.net\") 

 (host == \"api.segment.io\") 

 (host == \"www.vevo.com\") 

 (host == \"vevo.com\") 

 (host == \"apiv2.vevo.com\") 

 (host == \"songza.com\") 

 (host == \"new.songza.com\") 

 (host == \"www.daisuki.net\") 

 (host == \"bngn-vh.akamaihd.net\") 

 (host == \"bngnwww.b-ch.com\") 

 (host == \"www.hbogo.com\") 

 (host == \"catalog.lv3.hbogo.com\") 

 (host == \"profile.lv3.hbogo.com\") 

 (host == \"profile.hbogo.com\") 

 (url.indexOf(\".lv3.hbogo.com\") != -1) 

 (host == \"register.hbogo.com\") 

 (host == \"play.hbogo.com\") 

 (host == \"smetrics.hbogo.com\") 

 (url.indexOf(\".lv3.cdn.hbo.com\") != -1) 

 (host == \"comet.api.hbo.com\") 

 (host == \"play.google.com\") 

 (host == \"checkout.google.com\") 

 (host == \"store.google.com\") 

 (host == \"apis.google.com\") 

 (host == \"amc350888def-vh.akamaihd.net\") 

 (host == \"a564avoddashnsus-a.akamaihd.net\") 

 (host == \"atv-ps.amazon.com\") 

 (host == \"www.amazon.com\") 

 (host == \"amazon.com\") 

 (host == \"fls-na.amazon.com\") 

 (host == \"secure.brightcove.com\") 

 (host == \"metrics.brightcove.com\") 

 (host == \"phds-vod.cdn.turner.com\") 

 (host == \"token.vgtf.net\") 

 (host == \"www.ondemandkorea.com\") 

 (host == \"www.fxnetworks.com\") 

 (host == \"fxvcms-f.akamaihd.net\") 

 (host == \"tvetelemundo-vh.akamaihd.net\") 

 (host == \"feed.theplatform.com\") 

 (host == \"fsvideohds-vh.akamaihd.net\") 

 (host == \"watchable.com\") 

 (host == \"cilhlsvod-f.akamaihd.net\") 

 (host == \"oxygenvod-vh.akamaihd.net\") 

 (host == \"tvesyfy-vh.akamaihd.net\") 

 (host == \"www.smithsonianchannel.com\") 

 (host == \"metrics.brightcove.com\") 

 (host == \"c.brightcove.com\") 

 (host == \"brightcove01.brightcove.com\") 

 (host == \"edge.api.brightcove.com\") 

 (host == \"www.eonline.com\") 

 (host == \"link.theplatform.com\") 

 (host == \"api.listenlive.co\") 

 (host == \"playerservices.streamtheworld.com\") 

 (host == \"player.listenlive.co\") 

 (url.indexOf(\"live.streamtheworld.com\") != -1) 

 (host == \"www.cartoonnetwork.com\") 

 (host == \"www.viki.com\") 

 (host == \"\\\"www.viki.com\") 

 (host == \"www.origin.com\") 

 (host == \"ht.cdn.turner.com\") 

 (host == \"aolvideoshd-vh.akamaihd.net\") 

 (host == \"syn.5min.com\") 

 (host == \"stvideos.5min.com\") 

 (host == \"www.showtime.com\") 

 (host == \"secure.showtime.com\") 

 (url.indexOf(\".vgtf.net\") != -1) 

 (host == \"phds-live.cdn.turner.com\")) { return 'PROXY us-node.proxmate.me:8008' } else if ((host == \"livestreams.omroep.nl\") 

 (host == \".npostreaming.nl\") 

 (host == \"ida.omroep.nl\") 

 (host == \"npoplayer.omroep.nl\") 

 (host == \"www.zapp.nl\") 

 (host == \"tellerapi.omroep.nl\") 

 (host == \"e.omroep.nl\") 

 (url.indexOf(\"proxmate=nl\") != -1)) { return 'PROXY nl-node.proxmate.me:8008' } else if ((host == \"tvthek.orf.at\") 

 (host == \"apasfiisl.apa.at\") 

 (host == \"orf.oewabox.at\") 

 (host == \"atvplus.oewabox.at\") 

 (host == \"cdn.atv.at\") 

 (url.indexOf(\"proxmate=at\") != -1) 

 (host == \"hdsvodsportsman-vh.akamaihd.net\") 

 (host == \"streamaccess.unas.tv\") 

 (host == \"www.laola1.tv\") 

 (host == \"www.livestation.com\") 

 (host == \"livestation.com\") 

 (url.indexOf(\".emigrantas.tv\") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == \"netflix.com\") 

 (host == \"www.netflix.com\") 

 (host == \"cbp-us.nccp.netflix.com\") 

 (host == \"secure.netflix.com\") 

 (host == \"api-global.netflix.com\") 

 (host == \"ichnaea.netflix.com\") 

 (host == \"customerevents.netflix.com\") 

 (host == \"s.thebrighttag.com\") 

 (url.indexOf(\"proxmate=us\") != -1) 

 (url.indexOf(\"proxmate=us\") != -1)) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == \"s.hulu.com\") 

 (host == \"www.funimation.com\") 

 (host == \"wpc.8c48.edgecastcdn.net\") 

 (host == \"southpark.cc.com\") 

 (host == \"api.utils.watchabc.go.com\") 

 (host == \"www.dramafever.com\") 

 (host == \"www.logotv.com\") 

 (host == \"media.mtvnservices.com\") 

 (host == \"api.watchabc.go.com\") 

 (host == \"theanimenetwork.com\") 

 (host == \"huluim.com\") 

 (host == \"www.hulu.com\") 

 (host == \"t2.hulu.com\") 

 (host == \"urlcheck.hulu.com\") 

 (host == \"t.hulu.com\") 

 (host == \"s.hulu.com\") 

 (host == \"play.hulu.com\") 

 (host == \"t2.huluim.com\")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == \"player.ooyala.com\") 

 (host == \"l.ooyala.com\")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == \"web-api-us.crackle.com\") 

 (host == \"legacyweb-us.crackle.com\")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == \"counter.yadro.ru\") 

 (host == \"turbik.tv\") 

 (host == \"player.rutv.ru\") 

 (host == \"api.rutv.ru\") 

 (host == \"cdnng.v.rtr-vesti.ru\") 

 (host == \"player.vgtrk.com\") 

 (url.indexOf(\"proxmate=ru\") != -1) 

 (host == \"stream.1tv.ru\") 

 (host == \"mobdrm.1tv.ru\")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == \"security.video.globo.com\") 

 (host == \"api.globovideos.com\") 

 (host == \"s.videos.globo.com\") 

 (host == \"gshow.globo.com\") 

 (host == \"voddownload02.video.globo.com\") 

 (host == \"secure.nuuvem.com\")) { return 'PROXY br-node.proxmate.me:8008' } else { return 'DIRECT'; }}"
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\user.js [2016-03-04]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-05-30]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2015-05-30]
FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2015-05-30]
FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07]
FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de [2016-03-16]
FF Extension: Avira Browser Safety - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\abs@avira.com [2016-03-16]
FF Extension: Glaze Black - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\glaze_black@www.theme-oasis.org.xpi [2012-02-13] [ist nicht signiert]
FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-01-27] [ist nicht signiert]
FF Extension: QuickTime Addon Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{46e25d74-0fa9-4e53-8bbe-7b0436aee36e}.xpi [2016-03-14] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-03-12]
FF Extension: NoScript - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-23]
FF Extension: Video DownloadHelper - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: HD Manager - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{da6af166-be55-40e3-8656-d4896859809f}.xpi [2015-12-19] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation)
R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-18] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-01 20:26 - 2016-04-01 20:26 - 00035457 _____ C:\Users\Robert\Desktop\FRST.txt
2016-04-01 20:12 - 2016-04-01 20:26 - 00000000 ____D C:\FRST
2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf
2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ C:\Users\Robert\Downloads\mavisau0316.pdf
2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf
2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-24 19:04 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-19 17:16 - 2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-14 22:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-14 22:41 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-14 22:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-14 22:41 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-06 18:11 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-06 18:11 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-06 18:11 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-06 18:11 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-01 20:15 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-01 20:15 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-01 19:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job
2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT
2016-04-01 17:20 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox
2016-04-01 17:20 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
2016-04-01 17:20 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2
2016-04-01 17:09 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat
2016-04-01 17:09 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat
2016-04-01 17:09 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-01 17:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-01 17:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-31 23:49 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job
2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000
2016-03-27 08:52 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013
2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-06 18:11 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\atcMedia9881446679000.exe
C:\Users\Robert\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuygic8.dll
C:\Users\Robert\AppData\Local\Temp\GUR4375.exe
C:\Users\Robert\AppData\Local\Temp\GURCB03.exe
C:\Users\Robert\AppData\Local\Temp\i4jdel0.exe
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
C:\Users\Robert\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 10:49

==================== Ende von FRST.txt ============================
         
__________________

Alt 02.04.2016, 00:04   #4
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-01 20:26:22)
Gestartet von C:\Users\Robert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled)
Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version:  - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH)
Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden
Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH)
Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden
foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version:  - Dekisoft)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Serviio (HKLM\...\Serviio) (Version:  - )
SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2E900E61-B18A-4821-BAE8-F58F8DF8F83B} - System32\Tasks\RunAsStdUser Task => C:\Program Files\GPSoftware\Directory Opus\dopus.exe [2012-01-10] (GP Software)
Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads
Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads
Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-05-13 18:36 - 2015-05-13 18:36 - 00178688 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\WaveLibMixer\41cd1da537156b6e85b5aa94831ccfa9\WaveLibMixer.ni.dll
2014-09-11 17:24 - 2014-09-11 17:24 - 00108032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\CoreAudioApi\7fd494c22406deed2dfcc8e29c82cb65\CoreAudioApi.ni.dll
2015-11-13 13:57 - 2015-11-13 13:57 - 02739240 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2015-03-21 10:54 - 2015-03-21 10:54 - 00368640 _____ () C:\Program Files\Serviio\bin\ServiioConsole.exe
2011-02-09 22:53 - 2011-02-09 22:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-08-14 08:31 - 2015-08-14 08:31 - 00252928 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2015-08-14 08:31 - 2015-08-14 08:31 - 00051200 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2014-05-04 12:48 - 2014-05-04 12:48 - 00197632 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2015-11-13 13:57 - 2015-11-13 13:57 - 00068136 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-05-04 12:49 - 2014-05-04 12:49 - 00027648 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-02-13 11:58 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-02-13 11:58 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 06:29 - 2009-08-26 06:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2015-12-14 20:49 - 2016-02-23 20:19 - 00034768 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-19 17:16 - 2016-02-23 20:20 - 00019408 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00116688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 20:49 - 2016-02-23 20:19 - 00093640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00018376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00019760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00105928 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00392144 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00381752 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00692688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020816 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 20:49 - 2016-02-23 20:20 - 00112592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 01682760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00021840 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00038696 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-19 17:16 - 2016-02-23 20:21 - 00020936 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024528 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00114640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00124880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00021832 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00175560 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00030160 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00043472 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00028616 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00048592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00026456 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00057808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00117056 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00024392 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-19 17:16 - 2016-02-23 20:21 - 00036296 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00023376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00134608 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00134088 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-19 17:16 - 2016-02-23 20:20 - 00240584 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00052024 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00021824 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00019776 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020280 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00350152 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00022352 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00084792 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-19 17:16 - 2016-03-12 02:18 - 01826096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 20:49 - 2016-02-23 20:20 - 00083912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 03928880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 01971504 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00531248 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00132912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00223544 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00207672 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00158008 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00042808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-19 17:16 - 2016-02-23 20:23 - 00017864 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-19 17:16 - 2016-02-23 20:23 - 01631184 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00024904 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00546096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00357680 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-02-23 20:25 - 00697304 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2008-01-09 00:50 - 2008-01-09 00:50 - 00349147 _____ () C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll
2008-03-19 02:21 - 2008-03-19 02:21 - 00512000 _____ () C:\Program Files (x86)\Yahoo!\Widgets\js32.dll
2008-03-19 02:21 - 2008-03-19 02:21 - 00094208 _____ () C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll
2012-02-13 11:48 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\PCIe Wireless LAN\EnumDevLib.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-05-28 22:51 - 2015-05-28 22:51 - 00008704 _____ () C:\Users\Robert\AppData\Roaming\Thunderbird\Profiles\srisme7d.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2016-02-18 10:10 - 2016-02-18 10:10 - 17891008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542
FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542
FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53
FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67
FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68
FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53
FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53
FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe
FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

22-03-2016 13:11:53 Geplanter Prüfpunkt
24-03-2016 19:05:02 Windows Update
31-03-2016 19:09:40 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/01/2016 05:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 07:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2016 05:33:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2016 05:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/29/2016 08:52:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/28/2016 09:22:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2016 08:52:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/26/2016 11:15:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/25/2016 09:29:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/24/2016 07:06:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/01/2016 05:05:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/01/2016 07:35:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/31/2016 05:33:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/30/2016 05:28:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/29/2016 08:52:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/28/2016 09:22:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/27/2016 08:52:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/26/2016 11:15:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/25/2016 09:29:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/24/2016 07:06:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst RealtekSE erreicht.


CodeIntegrity:
===================================
  Date: 2014-05-16 16:43:36.097
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-16 16:43:36.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8173.21 MB
Verfügbarer physikalischer RAM: 4995.27 MB
Summe virtueller Speicher: 16344.63 MB
Verfügbarer virtueller Speicher: 12379.85 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:11.94 GB) NTFS
Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 02.04.2016, 00:05   #5
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log:
Code:
ATTFilter
23:46:45.0972 0x0ccc  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:46:56.0903 0x0ccc  ============================================================
23:46:56.0904 0x0ccc  Current date / time: 2016/04/01 23:46:56.0903
23:46:56.0904 0x0ccc  SystemInfo:
23:46:56.0904 0x0ccc  
23:46:56.0904 0x0ccc  OS Version: 6.1.7601 ServicePack: 1.0
23:46:56.0904 0x0ccc  Product type: Workstation
23:46:56.0904 0x0ccc  ComputerName: HOME-PC
23:46:56.0904 0x0ccc  UserName: Robert
23:46:56.0904 0x0ccc  Windows directory: C:\Windows
23:46:56.0904 0x0ccc  System windows directory: C:\Windows
23:46:56.0904 0x0ccc  Running under WOW64
23:46:56.0904 0x0ccc  Processor architecture: Intel x64
23:46:56.0904 0x0ccc  Number of processors: 4
23:46:56.0904 0x0ccc  Page size: 0x1000
23:46:56.0904 0x0ccc  Boot type: Normal boot
23:46:56.0904 0x0ccc  ============================================================
23:46:57.0016 0x0ccc  KLMD registered as C:\Windows\system32\drivers\00691381.sys
23:46:57.0109 0x0ccc  System UUID: {EB8A56B7-68F1-EAB6-D733-360891AEC518}
23:46:57.0354 0x0ccc  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:57.0367 0x0ccc  ============================================================
23:46:57.0367 0x0ccc  \Device\Harddisk0\DR0:
23:46:57.0367 0x0ccc  MBR partitions:
23:46:57.0367 0x0ccc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:46:57.0367 0x0ccc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8886000
23:46:57.0367 0x0ccc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x88B8800, BlocksNum 0x56DB800
23:46:57.0367 0x0ccc  ============================================================
23:46:57.0369 0x0ccc  C: <-> \Device\Harddisk0\DR0\Partition2
23:46:57.0370 0x0ccc  D: <-> \Device\Harddisk0\DR0\Partition3
23:46:57.0370 0x0ccc  ============================================================
23:46:57.0370 0x0ccc  Initialize success
23:46:57.0370 0x0ccc  ============================================================
23:48:41.0795 0x1d4c  ============================================================
23:48:41.0795 0x1d4c  Scan started
23:48:41.0795 0x1d4c  Mode: Manual; SigCheck; TDLFS; 
23:48:41.0795 0x1d4c  ============================================================
23:48:41.0795 0x1d4c  KSN ping started
23:48:44.0461 0x1d4c  KSN ping finished: true
23:48:44.0711 0x1d4c  ================ Scan system memory ========================
23:48:44.0711 0x1d4c  System memory - ok
23:48:44.0711 0x1d4c  ================ Scan services =============================
23:48:44.0750 0x1d4c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:48:44.0801 0x1d4c  1394ohci - ok
23:48:44.0826 0x1d4c  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
23:48:44.0845 0x1d4c  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
23:48:44.0855 0x1d4c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:48:44.0867 0x1d4c  ACPI - ok
23:48:44.0870 0x1d4c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:48:44.0879 0x1d4c  AcpiPmi - ok
23:48:44.0884 0x1d4c  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:48:44.0892 0x1d4c  AdobeARMservice - ok
23:48:44.0904 0x1d4c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:48:44.0919 0x1d4c  adp94xx - ok
23:48:44.0928 0x1d4c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:48:44.0941 0x1d4c  adpahci - ok
23:48:44.0947 0x1d4c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:48:44.0956 0x1d4c  adpu320 - ok
23:48:44.0961 0x1d4c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:48:44.0970 0x1d4c  AeLookupSvc - ok
23:48:44.0982 0x1d4c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
23:48:44.0998 0x1d4c  AFD - ok
23:48:45.0002 0x1d4c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:48:45.0009 0x1d4c  agp440 - ok
23:48:45.0013 0x1d4c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:48:45.0022 0x1d4c  ALG - ok
23:48:45.0024 0x1d4c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:48:45.0031 0x1d4c  aliide - ok
23:48:45.0037 0x1d4c  [ D64C33936CB4E3CB06EB0175F1B7A6EA, ED69DBAB2DD751AEE1037267DDCF40FFA53589E918DEE67A3ECD1E6D5F99C2C6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:48:45.0049 0x1d4c  AMD External Events Utility - ok
23:48:45.0052 0x1d4c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:48:45.0059 0x1d4c  amdide - ok
23:48:45.0062 0x1d4c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:48:45.0070 0x1d4c  AmdK8 - ok
23:48:45.0291 0x1d4c  [ A961FD9423AA56D5AB7EB97DC51F94F9, 4E78EEF85A15549C41DBED1E14F0B65CA33765A1F40EA7CAFE648899E92527C0 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:48:45.0458 0x1d4c  amdkmdag - ok
23:48:45.0475 0x1d4c  [ B427A2BAF12D1826637A4F442769664E, 60B769D74F34BC375F2EC416F61E45BB384436B233FC1519C0ACDC3EA50CF84E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:48:45.0487 0x1d4c  amdkmdap - ok
23:48:45.0490 0x1d4c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:48:45.0499 0x1d4c  AmdPPM - ok
23:48:45.0503 0x1d4c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:48:45.0512 0x1d4c  amdsata - ok
23:48:45.0519 0x1d4c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:48:45.0528 0x1d4c  amdsbs - ok
23:48:45.0531 0x1d4c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:48:45.0538 0x1d4c  amdxata - ok
23:48:45.0566 0x1d4c  [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
23:48:45.0590 0x1d4c  AntiVirMailService - ok
23:48:45.0602 0x1d4c  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:48:45.0616 0x1d4c  AntiVirSchedulerService - ok
23:48:45.0627 0x1d4c  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:48:45.0642 0x1d4c  AntiVirService - ok
23:48:45.0667 0x1d4c  [ B667AB46FA82FC246F9069D81BB1065C, CC3ADE01E745B6A4F425E41C5C380BF0D06121B3823BDF0A8DF2973DA59F86EA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:48:45.0696 0x1d4c  AntiVirWebService - ok
23:48:45.0700 0x1d4c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
23:48:45.0708 0x1d4c  AppID - ok
23:48:45.0711 0x1d4c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:48:45.0718 0x1d4c  AppIDSvc - ok
23:48:45.0722 0x1d4c  [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo         C:\Windows\System32\appinfo.dll
23:48:45.0730 0x1d4c  Appinfo - ok
23:48:45.0736 0x1d4c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:48:45.0744 0x1d4c  arc - ok
23:48:45.0748 0x1d4c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:48:45.0756 0x1d4c  arcsas - ok
23:48:45.0761 0x1d4c  [ 0AA7A996792FB0287B33A57A8093AE44, 41894F055F3CDA05794FC46E1F2C59979D1DAF7602F44E4ADF6347E199B8137C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
23:48:45.0772 0x1d4c  asmthub3 - ok
23:48:45.0783 0x1d4c  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC, FEFF8C37CD688F39C8E341F8BF7A712AA8C0F431B064E07C3EA66A96250D855B ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
23:48:45.0799 0x1d4c  asmtxhci - ok
23:48:45.0812 0x1d4c  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:48:45.0823 0x1d4c  aspnet_state - ok
23:48:45.0826 0x1d4c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:48:45.0848 0x1d4c  AsyncMac - ok
23:48:45.0851 0x1d4c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:48:45.0858 0x1d4c  atapi - ok
23:48:45.0863 0x1d4c  [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:48:45.0870 0x1d4c  AtiHDAudioService - ok
23:48:45.0888 0x1d4c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:48:45.0907 0x1d4c  AudioEndpointBuilder - ok
23:48:45.0924 0x1d4c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:48:45.0942 0x1d4c  AudioSrv - ok
23:48:45.0948 0x1d4c  [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:48:45.0957 0x1d4c  avgntflt - ok
23:48:45.0962 0x1d4c  [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:48:45.0971 0x1d4c  avipbb - ok
23:48:45.0979 0x1d4c  [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:48:45.0991 0x1d4c  Avira.ServiceHost - ok
23:48:45.0994 0x1d4c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:48:46.0001 0x1d4c  avkmgr - ok
23:48:46.0005 0x1d4c  [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
23:48:46.0012 0x1d4c  avnetflt - ok
23:48:46.0017 0x1d4c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:48:46.0030 0x1d4c  AxInstSV - ok
23:48:46.0042 0x1d4c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:48:46.0057 0x1d4c  b06bdrv - ok
23:48:46.0065 0x1d4c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:48:46.0077 0x1d4c  b57nd60a - ok
23:48:46.0082 0x1d4c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:48:46.0091 0x1d4c  BDESVC - ok
23:48:46.0093 0x1d4c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:48:46.0115 0x1d4c  Beep - ok
23:48:46.0132 0x1d4c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:48:46.0152 0x1d4c  BFE - ok
23:48:46.0173 0x1d4c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:48:46.0209 0x1d4c  BITS - ok
23:48:46.0213 0x1d4c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:48:46.0221 0x1d4c  blbdrive - ok
23:48:46.0225 0x1d4c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:48:46.0234 0x1d4c  bowser - ok
23:48:46.0236 0x1d4c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:48:46.0245 0x1d4c  BrFiltLo - ok
23:48:46.0247 0x1d4c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:48:46.0256 0x1d4c  BrFiltUp - ok
23:48:46.0261 0x1d4c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:48:46.0285 0x1d4c  BridgeMP - ok
23:48:46.0290 0x1d4c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:48:46.0301 0x1d4c  Browser - ok
23:48:46.0309 0x1d4c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:48:46.0321 0x1d4c  Brserid - ok
23:48:46.0324 0x1d4c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:48:46.0334 0x1d4c  BrSerWdm - ok
23:48:46.0336 0x1d4c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:48:46.0345 0x1d4c  BrUsbMdm - ok
23:48:46.0348 0x1d4c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:48:46.0355 0x1d4c  BrUsbSer - ok
23:48:46.0358 0x1d4c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:48:46.0369 0x1d4c  BTHMODEM - ok
23:48:46.0373 0x1d4c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:48:46.0396 0x1d4c  bthserv - ok
23:48:46.0398 0x1d4c  catchme - ok
23:48:46.0403 0x1d4c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:48:46.0427 0x1d4c  cdfs - ok
23:48:46.0432 0x1d4c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:48:46.0442 0x1d4c  cdrom - ok
23:48:46.0446 0x1d4c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:48:46.0468 0x1d4c  CertPropSvc - ok
23:48:46.0471 0x1d4c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:48:46.0480 0x1d4c  circlass - ok
23:48:46.0490 0x1d4c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:48:46.0504 0x1d4c  CLFS - ok
23:48:46.0510 0x1d4c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:48:46.0519 0x1d4c  clr_optimization_v2.0.50727_32 - ok
23:48:46.0525 0x1d4c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:48:46.0534 0x1d4c  clr_optimization_v2.0.50727_64 - ok
23:48:46.0544 0x1d4c  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:48:46.0560 0x1d4c  clr_optimization_v4.0.30319_32 - ok
23:48:46.0565 0x1d4c  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:48:46.0579 0x1d4c  clr_optimization_v4.0.30319_64 - ok
23:48:46.0582 0x1d4c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:48:46.0590 0x1d4c  CmBatt - ok
23:48:46.0592 0x1d4c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:48:46.0599 0x1d4c  cmdide - ok
23:48:46.0610 0x1d4c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:48:46.0629 0x1d4c  CNG - ok
23:48:46.0632 0x1d4c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:48:46.0639 0x1d4c  Compbatt - ok
23:48:46.0642 0x1d4c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:48:46.0652 0x1d4c  CompositeBus - ok
23:48:46.0654 0x1d4c  COMSysApp - ok
23:48:46.0656 0x1d4c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:48:46.0663 0x1d4c  crcdisk - ok
23:48:46.0667 0x1d4c  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
23:48:46.0671 0x1d4c  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
23:48:48.0076 0x164c  Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
23:48:48.0638 0x17e8  Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
23:48:49.0003 0x1d4c  Detect skipped due to KSN trusted
23:48:49.0003 0x1d4c  Creative Audio Engine Licensing Service - ok
23:48:49.0017 0x1d4c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:48:49.0039 0x1d4c  CryptSvc - ok
23:48:49.0050 0x1d4c  [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
23:48:49.0058 0x1d4c  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
23:48:50.0552 0x164c  Object send P2P result: true
23:48:51.0075 0x17e8  Object send P2P result: true
23:48:51.0392 0x1d4c  Detect skipped due to KSN trusted
23:48:51.0393 0x1d4c  CTAudSvcService - ok
23:48:51.0428 0x1d4c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:48:51.0453 0x1d4c  DcomLaunch - ok
23:48:51.0461 0x1d4c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:48:51.0489 0x1d4c  defragsvc - ok
23:48:51.0493 0x1d4c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:48:51.0516 0x1d4c  DfsC - ok
23:48:51.0526 0x1d4c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:48:51.0543 0x1d4c  Dhcp - ok
23:48:51.0575 0x1d4c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
23:48:51.0606 0x1d4c  DiagTrack - ok
23:48:51.0610 0x1d4c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:48:51.0632 0x1d4c  discache - ok
23:48:51.0636 0x1d4c  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
23:48:51.0644 0x1d4c  Disk - ok
23:48:51.0651 0x1d4c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:48:51.0661 0x1d4c  Dnscache - ok
23:48:51.0668 0x1d4c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:48:51.0694 0x1d4c  dot3svc - ok
23:48:51.0700 0x1d4c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:48:51.0724 0x1d4c  DPS - ok
23:48:51.0727 0x1d4c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:48:51.0734 0x1d4c  drmkaud - ok
23:48:51.0758 0x1d4c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:48:51.0782 0x1d4c  DXGKrnl - ok
23:48:51.0787 0x1d4c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:48:51.0811 0x1d4c  EapHost - ok
23:48:51.0880 0x1d4c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:48:51.0943 0x1d4c  ebdrv - ok
23:48:51.0950 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
23:48:51.0957 0x1d4c  EFS - ok
23:48:51.0977 0x1d4c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:48:51.0997 0x1d4c  ehRecvr - ok
23:48:52.0001 0x1d4c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:48:52.0011 0x1d4c  ehSched - ok
23:48:52.0023 0x1d4c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:48:52.0039 0x1d4c  elxstor - ok
23:48:52.0044 0x1d4c  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
23:48:52.0048 0x1d4c  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
23:48:54.0385 0x1d4c  Detect skipped due to KSN trusted
23:48:54.0385 0x1d4c  EpsonBidirectionalService - ok
23:48:54.0392 0x1d4c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:48:54.0407 0x1d4c  ErrDev - ok
23:48:54.0429 0x1d4c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:48:54.0465 0x1d4c  EventSystem - ok
23:48:54.0472 0x1d4c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:48:54.0497 0x1d4c  exfat - ok
23:48:54.0503 0x1d4c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:48:54.0529 0x1d4c  fastfat - ok
23:48:54.0545 0x1d4c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:48:54.0564 0x1d4c  Fax - ok
23:48:54.0567 0x1d4c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:48:54.0575 0x1d4c  fdc - ok
23:48:54.0577 0x1d4c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:48:54.0600 0x1d4c  fdPHost - ok
23:48:54.0603 0x1d4c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:48:54.0625 0x1d4c  FDResPub - ok
23:48:54.0629 0x1d4c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:48:54.0637 0x1d4c  FileInfo - ok
23:48:54.0640 0x1d4c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:48:54.0662 0x1d4c  Filetrace - ok
23:48:54.0664 0x1d4c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:48:54.0672 0x1d4c  flpydisk - ok
23:48:54.0681 0x1d4c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:48:54.0692 0x1d4c  FltMgr - ok
23:48:54.0716 0x1d4c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
23:48:54.0744 0x1d4c  FontCache - ok
23:48:54.0748 0x1d4c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:48:54.0754 0x1d4c  FontCache3.0.0.0 - ok
23:48:54.0758 0x1d4c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:48:54.0765 0x1d4c  FsDepends - ok
23:48:54.0768 0x1d4c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:48:54.0775 0x1d4c  Fs_Rec - ok
23:48:54.0781 0x1d4c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:48:54.0795 0x1d4c  fvevol - ok
23:48:54.0798 0x1d4c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:48:54.0806 0x1d4c  gagp30kx - ok
23:48:54.0824 0x1d4c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:48:54.0859 0x1d4c  gpsvc - ok
23:48:54.0862 0x1d4c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:48:54.0870 0x1d4c  hcw85cir - ok
23:48:54.0879 0x1d4c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:48:54.0894 0x1d4c  HdAudAddService - ok
23:48:54.0898 0x1d4c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:48:54.0909 0x1d4c  HDAudBus - ok
23:48:54.0912 0x1d4c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:48:54.0920 0x1d4c  HidBatt - ok
23:48:54.0924 0x1d4c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:48:54.0935 0x1d4c  HidBth - ok
23:48:54.0938 0x1d4c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:48:54.0947 0x1d4c  HidIr - ok
23:48:54.0950 0x1d4c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
23:48:54.0973 0x1d4c  hidserv - ok
23:48:54.0976 0x1d4c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
23:48:54.0983 0x1d4c  HidUsb - ok
23:48:54.0987 0x1d4c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:48:55.0010 0x1d4c  hkmsvc - ok
23:48:55.0017 0x1d4c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:48:55.0029 0x1d4c  HomeGroupListener - ok
23:48:55.0035 0x1d4c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:48:55.0046 0x1d4c  HomeGroupProvider - ok
23:48:55.0050 0x1d4c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:48:55.0057 0x1d4c  HpSAMD - ok
23:48:55.0075 0x1d4c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:48:55.0095 0x1d4c  HTTP - ok
23:48:55.0098 0x1d4c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:48:55.0105 0x1d4c  hwpolicy - ok
23:48:55.0110 0x1d4c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:48:55.0119 0x1d4c  i8042prt - ok
23:48:55.0130 0x1d4c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:48:55.0143 0x1d4c  iaStorV - ok
23:48:55.0164 0x1d4c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:48:55.0186 0x1d4c  idsvc - ok
23:48:55.0189 0x1d4c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:48:55.0197 0x1d4c  iirsp - ok
23:48:55.0217 0x1d4c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:48:55.0240 0x1d4c  IKEEXT - ok
23:48:55.0306 0x1d4c  [ EB5FA493A4B6EA290200AE39EBA2FBC6, 1C2797058A52D87D0F4412F40D372BABB7E4E4146F6DA5F4FFB7C6BA026A1FAC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:48:55.0362 0x1d4c  IntcAzAudAddService - ok
23:48:55.0368 0x1d4c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:48:55.0374 0x1d4c  intelide - ok
23:48:55.0378 0x1d4c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:48:55.0386 0x1d4c  intelppm - ok
23:48:55.0391 0x1d4c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:48:55.0414 0x1d4c  IPBusEnum - ok
23:48:55.0418 0x1d4c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:48:55.0441 0x1d4c  IpFilterDriver - ok
23:48:55.0457 0x1d4c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:48:55.0474 0x1d4c  iphlpsvc - ok
23:48:55.0479 0x1d4c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:48:55.0487 0x1d4c  IPMIDRV - ok
23:48:55.0492 0x1d4c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:48:55.0516 0x1d4c  IPNAT - ok
23:48:55.0518 0x1d4c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:48:55.0529 0x1d4c  IRENUM - ok
23:48:55.0531 0x1d4c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:48:55.0538 0x1d4c  isapnp - ok
23:48:55.0546 0x1d4c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:48:55.0557 0x1d4c  iScsiPrt - ok
23:48:55.0560 0x1d4c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:48:55.0568 0x1d4c  kbdclass - ok
23:48:55.0570 0x1d4c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:48:55.0578 0x1d4c  kbdhid - ok
23:48:55.0581 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
23:48:55.0588 0x1d4c  KeyIso - ok
23:48:55.0592 0x1d4c  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:48:55.0600 0x1d4c  KSecDD - ok
23:48:55.0605 0x1d4c  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:48:55.0614 0x1d4c  KSecPkg - ok
23:48:55.0617 0x1d4c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:48:55.0639 0x1d4c  ksthunk - ok
23:48:55.0649 0x1d4c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:48:55.0678 0x1d4c  KtmRm - ok
23:48:55.0691 0x1d4c  [ 28A4BB5CCFA252FC1D9460E5FB22AB08, 85DC7F8191245FDBBD90DABC2D03D70B373550615125471C90C10550EF6D5EEB ] L4301_Solar     C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
23:48:55.0704 0x1d4c  L4301_Solar - ok
23:48:55.0712 0x1d4c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:48:55.0737 0x1d4c  LanmanServer - ok
23:48:55.0742 0x1d4c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:48:55.0766 0x1d4c  LanmanWorkstation - ok
23:48:55.0778 0x1d4c  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
23:48:55.0791 0x1d4c  LBTServ - ok
23:48:55.0797 0x1d4c  [ ED7EC050CD6C20E1A93A4DAFB7EFD14D, 9B3B9FA23788680D13E3DC2EEA2F127591A368578AEAB70F03AC379BA7379184 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
23:48:55.0804 0x1d4c  LEqdUsb - ok
23:48:55.0807 0x1d4c  [ 3267BC698E29474A8381E68904EB0390, A653ED6364D4B7E02FB7087D364E33D029B15A92E0FAAB176877DE5F93B36B65 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
23:48:55.0813 0x1d4c  LHidEqd - ok
23:48:55.0816 0x1d4c  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
23:48:55.0824 0x1d4c  LHidFilt - ok
23:48:55.0827 0x1d4c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:48:55.0850 0x1d4c  lltdio - ok
23:48:55.0858 0x1d4c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:48:55.0886 0x1d4c  lltdsvc - ok
23:48:55.0888 0x1d4c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:48:55.0911 0x1d4c  lmhosts - ok
23:48:55.0914 0x1d4c  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
23:48:55.0922 0x1d4c  LMouFilt - ok
23:48:55.0927 0x1d4c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:48:55.0935 0x1d4c  LSI_FC - ok
23:48:55.0940 0x1d4c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:48:55.0948 0x1d4c  LSI_SAS - ok
23:48:55.0952 0x1d4c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:48:55.0959 0x1d4c  LSI_SAS2 - ok
23:48:55.0963 0x1d4c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:48:55.0972 0x1d4c  LSI_SCSI - ok
23:48:55.0976 0x1d4c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:48:56.0000 0x1d4c  luafv - ok
23:48:56.0006 0x1d4c  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:48:56.0014 0x1d4c  MBAMSwissArmy - ok
23:48:56.0018 0x1d4c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:48:56.0027 0x1d4c  Mcx2Svc - ok
23:48:56.0030 0x1d4c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:48:56.0037 0x1d4c  megasas - ok
23:48:56.0045 0x1d4c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:48:56.0057 0x1d4c  MegaSR - ok
23:48:56.0060 0x1d4c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:48:56.0067 0x1d4c  MEIx64 - ok
23:48:56.0071 0x1d4c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:48:56.0095 0x1d4c  MMCSS - ok
23:48:56.0097 0x1d4c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:48:56.0120 0x1d4c  Modem - ok
23:48:56.0122 0x1d4c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:48:56.0132 0x1d4c  monitor - ok
23:48:56.0135 0x1d4c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:48:56.0142 0x1d4c  mouclass - ok
23:48:56.0145 0x1d4c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:48:56.0153 0x1d4c  mouhid - ok
23:48:56.0157 0x1d4c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:48:56.0165 0x1d4c  mountmgr - ok
23:48:56.0171 0x1d4c  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:48:56.0180 0x1d4c  MozillaMaintenance - ok
23:48:56.0185 0x1d4c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:48:56.0195 0x1d4c  mpio - ok
23:48:56.0198 0x1d4c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:48:56.0222 0x1d4c  mpsdrv - ok
23:48:56.0242 0x1d4c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:48:56.0278 0x1d4c  MpsSvc - ok
23:48:56.0283 0x1d4c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:48:56.0293 0x1d4c  MRxDAV - ok
23:48:56.0298 0x1d4c  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:48:56.0308 0x1d4c  mrxsmb - ok
23:48:56.0316 0x1d4c  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:48:56.0328 0x1d4c  mrxsmb10 - ok
23:48:56.0332 0x1d4c  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:48:56.0342 0x1d4c  mrxsmb20 - ok
23:48:56.0345 0x1d4c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:48:56.0352 0x1d4c  msahci - ok
23:48:56.0357 0x1d4c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:48:56.0365 0x1d4c  msdsm - ok
23:48:56.0371 0x1d4c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:48:56.0381 0x1d4c  MSDTC - ok
23:48:56.0386 0x1d4c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:48:56.0408 0x1d4c  Msfs - ok
23:48:56.0410 0x1d4c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:48:56.0432 0x1d4c  mshidkmdf - ok
23:48:56.0435 0x1d4c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:48:56.0441 0x1d4c  msisadrv - ok
23:48:56.0447 0x1d4c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:48:56.0472 0x1d4c  MSiSCSI - ok
23:48:56.0474 0x1d4c  msiserver - ok
23:48:56.0476 0x1d4c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:48:56.0498 0x1d4c  MSKSSRV - ok
23:48:56.0501 0x1d4c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:48:56.0522 0x1d4c  MSPCLOCK - ok
23:48:56.0524 0x1d4c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:48:56.0547 0x1d4c  MSPQM - ok
23:48:56.0557 0x1d4c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:48:56.0572 0x1d4c  MsRPC - ok
23:48:56.0575 0x1d4c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:48:56.0583 0x1d4c  mssmbios - ok
23:48:56.0597 0x1d4c  [ D1DF0547CE7B633D9E379F616A8D1F47, B78A6024108E9E8F827AD34607F5517CF7366C4E1EFE88AE5E69B8BC654470BD ] MSSQL$SQLEXPRESS C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
23:48:56.0607 0x1d4c  MSSQL$SQLEXPRESS - ok
23:48:56.0610 0x1d4c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:48:56.0632 0x1d4c  MSTEE - ok
23:48:56.0634 0x1d4c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:48:56.0642 0x1d4c  MTConfig - ok
23:48:56.0645 0x1d4c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:48:56.0653 0x1d4c  Mup - ok
23:48:56.0665 0x1d4c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:48:56.0695 0x1d4c  napagent - ok
23:48:56.0704 0x1d4c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:48:56.0720 0x1d4c  NativeWifiP - ok
23:48:56.0740 0x1d4c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:48:56.0763 0x1d4c  NDIS - ok
23:48:56.0766 0x1d4c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:48:56.0789 0x1d4c  NdisCap - ok
23:48:56.0792 0x1d4c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:48:56.0814 0x1d4c  NdisTapi - ok
23:48:56.0817 0x1d4c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:48:56.0839 0x1d4c  Ndisuio - ok
23:48:56.0845 0x1d4c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:48:56.0869 0x1d4c  NdisWan - ok
23:48:56.0872 0x1d4c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:48:56.0895 0x1d4c  NDProxy - ok
23:48:56.0898 0x1d4c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:48:56.0921 0x1d4c  NetBIOS - ok
23:48:56.0929 0x1d4c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:48:56.0954 0x1d4c  NetBT - ok
23:48:56.0957 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
23:48:56.0964 0x1d4c  Netlogon - ok
23:48:56.0974 0x1d4c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:48:57.0002 0x1d4c  Netman - ok
23:48:57.0007 0x1d4c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:48:57.0019 0x1d4c  NetMsmqActivator - ok
23:48:57.0023 0x1d4c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:48:57.0033 0x1d4c  NetPipeActivator - ok
23:48:57.0046 0x1d4c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:48:57.0076 0x1d4c  netprofm - ok
23:48:57.0081 0x1d4c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:48:57.0090 0x1d4c  NetTcpActivator - ok
23:48:57.0094 0x1d4c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:48:57.0104 0x1d4c  NetTcpPortSharing - ok
23:48:57.0108 0x1d4c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:48:57.0115 0x1d4c  nfrd960 - ok
23:48:57.0123 0x1d4c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:48:57.0136 0x1d4c  NlaSvc - ok
23:48:57.0140 0x1d4c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:48:57.0163 0x1d4c  Npfs - ok
23:48:57.0166 0x1d4c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:48:57.0189 0x1d4c  nsi - ok
23:48:57.0191 0x1d4c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:48:57.0214 0x1d4c  nsiproxy - ok
23:48:57.0248 0x1d4c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:48:57.0289 0x1d4c  Ntfs - ok
23:48:57.0293 0x1d4c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:48:57.0315 0x1d4c  Null - ok
23:48:57.0320 0x1d4c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:48:57.0329 0x1d4c  nvraid - ok
23:48:57.0335 0x1d4c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:48:57.0344 0x1d4c  nvstor - ok
23:48:57.0349 0x1d4c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:48:57.0357 0x1d4c  nv_agp - ok
23:48:57.0370 0x1d4c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:48:57.0384 0x1d4c  odserv - ok
23:48:57.0388 0x1d4c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:48:57.0396 0x1d4c  ohci1394 - ok
23:48:57.0401 0x1d4c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:48:57.0409 0x1d4c  ose - ok
23:48:57.0419 0x1d4c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:48:57.0433 0x1d4c  p2pimsvc - ok
23:48:57.0445 0x1d4c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:48:57.0460 0x1d4c  p2psvc - ok
23:48:57.0464 0x1d4c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
23:48:57.0473 0x1d4c  Parport - ok
23:48:57.0477 0x1d4c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:48:57.0485 0x1d4c  partmgr - ok
23:48:57.0491 0x1d4c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:48:57.0502 0x1d4c  PcaSvc - ok
23:48:57.0508 0x1d4c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:48:57.0517 0x1d4c  pci - ok
23:48:57.0520 0x1d4c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:48:57.0527 0x1d4c  pciide - ok
23:48:57.0533 0x1d4c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:48:57.0544 0x1d4c  pcmcia - ok
23:48:57.0547 0x1d4c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:48:57.0554 0x1d4c  pcw - ok
23:48:57.0571 0x1d4c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:48:57.0589 0x1d4c  PEAUTH - ok
23:48:57.0615 0x1d4c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:48:57.0624 0x1d4c  PerfHost - ok
23:48:57.0659 0x1d4c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:48:57.0704 0x1d4c  pla - ok
23:48:57.0718 0x1d4c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:48:57.0733 0x1d4c  PlugPlay - ok
23:48:57.0736 0x1d4c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:48:57.0743 0x1d4c  PNRPAutoReg - ok
23:48:57.0753 0x1d4c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:48:57.0766 0x1d4c  PNRPsvc - ok
23:48:57.0779 0x1d4c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:48:57.0811 0x1d4c  PolicyAgent - ok
23:48:57.0820 0x1d4c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:48:57.0846 0x1d4c  Power - ok
23:48:57.0850 0x1d4c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:48:57.0873 0x1d4c  PptpMiniport - ok
23:48:57.0877 0x1d4c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:48:57.0885 0x1d4c  Processor - ok
23:48:57.0891 0x1d4c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:48:57.0902 0x1d4c  ProfSvc - ok
23:48:57.0905 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:48:57.0913 0x1d4c  ProtectedStorage - ok
23:48:57.0917 0x1d4c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:48:57.0941 0x1d4c  Psched - ok
23:48:57.0973 0x1d4c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:48:58.0005 0x1d4c  ql2300 - ok
23:48:58.0012 0x1d4c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:48:58.0021 0x1d4c  ql40xx - ok
23:48:58.0029 0x1d4c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:48:58.0044 0x1d4c  QWAVE - ok
23:48:58.0046 0x1d4c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:48:58.0058 0x1d4c  QWAVEdrv - ok
23:48:58.0066 0x1d4c  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
23:48:58.0076 0x1d4c  RapiMgr - ok
23:48:58.0079 0x1d4c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:48:58.0101 0x1d4c  RasAcd - ok
23:48:58.0105 0x1d4c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:48:58.0127 0x1d4c  RasAgileVpn - ok
23:48:58.0131 0x1d4c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:48:58.0156 0x1d4c  RasAuto - ok
23:48:58.0160 0x1d4c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:48:58.0184 0x1d4c  Rasl2tp - ok
23:48:58.0193 0x1d4c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:48:58.0221 0x1d4c  RasMan - ok
23:48:58.0225 0x1d4c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:48:58.0248 0x1d4c  RasPppoe - ok
23:48:58.0252 0x1d4c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:48:58.0275 0x1d4c  RasSstp - ok
23:48:58.0284 0x1d4c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:48:58.0311 0x1d4c  rdbss - ok
23:48:58.0313 0x1d4c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:48:58.0323 0x1d4c  rdpbus - ok
23:48:58.0325 0x1d4c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:48:58.0347 0x1d4c  RDPCDD - ok
23:48:58.0350 0x1d4c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:48:58.0372 0x1d4c  RDPENCDD - ok
23:48:58.0375 0x1d4c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:48:58.0397 0x1d4c  RDPREFMP - ok
23:48:58.0401 0x1d4c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:48:58.0409 0x1d4c  RdpVideoMiniport - ok
23:48:58.0415 0x1d4c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:48:58.0427 0x1d4c  RDPWD - ok
23:48:58.0434 0x1d4c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:48:58.0444 0x1d4c  rdyboost - ok
23:48:58.0448 0x1d4c  [ EA569D48B2E755AF6D96F03F3335D98A, EED2DCDF187A69F36A38129C8A1E0D6FE0EBF9232DEAF68A116E9A26E40AB636 ] RealtekSE       C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe
23:48:58.0451 0x1d4c  RealtekSE - detected UnsignedFile.Multi.Generic ( 1 )
23:49:00.0787 0x1d4c  Detect skipped due to KSN trusted
23:49:00.0787 0x1d4c  RealtekSE - ok
23:49:00.0796 0x1d4c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:49:00.0839 0x1d4c  RemoteAccess - ok
23:49:00.0845 0x1d4c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:49:00.0870 0x1d4c  RemoteRegistry - ok
23:49:00.0874 0x1d4c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:49:00.0898 0x1d4c  RpcEptMapper - ok
23:49:00.0900 0x1d4c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:49:00.0908 0x1d4c  RpcLocator - ok
23:49:00.0920 0x1d4c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
23:49:00.0936 0x1d4c  RpcSs - ok
23:49:00.0940 0x1d4c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:49:00.0963 0x1d4c  rspndr - ok
23:49:00.0977 0x1d4c  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:49:00.0992 0x1d4c  RTL8167 - ok
23:49:01.0021 0x1d4c  [ 6D17B48C2465E26808E5FB4FE7B77304, FD6E87D4AB5D19D9AFE4D47D19352701EB0DA8ABA017BE15519EAAE47544099C ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
23:49:01.0046 0x1d4c  RTL8192Ce - ok
23:49:01.0051 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
23:49:01.0058 0x1d4c  SamSs - ok
23:49:01.0063 0x1d4c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:49:01.0071 0x1d4c  sbp2port - ok
23:49:01.0077 0x1d4c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:49:01.0102 0x1d4c  SCardSvr - ok
23:49:01.0105 0x1d4c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:49:01.0127 0x1d4c  scfilter - ok
23:49:01.0148 0x1d4c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:49:01.0175 0x1d4c  Schedule - ok
23:49:01.0180 0x1d4c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:49:01.0202 0x1d4c  SCPolicySvc - ok
23:49:01.0208 0x1d4c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:49:01.0219 0x1d4c  SDRSVC - ok
23:49:01.0222 0x1d4c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:49:01.0229 0x1d4c  secdrv - ok
23:49:01.0232 0x1d4c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
23:49:01.0240 0x1d4c  seclogon - ok
23:49:01.0243 0x1d4c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
23:49:01.0266 0x1d4c  SENS - ok
23:49:01.0269 0x1d4c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:49:01.0277 0x1d4c  SensrSvc - ok
23:49:01.0280 0x1d4c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:49:01.0288 0x1d4c  Serenum - ok
23:49:01.0292 0x1d4c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:49:01.0300 0x1d4c  Serial - ok
23:49:01.0303 0x1d4c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:49:01.0311 0x1d4c  sermouse - ok
23:49:01.0325 0x1d4c  [ D2E25B1FE392E6E1C9A149F17920C318, F2FB3BC29ECF2F59A99CC33C57227B7DBC22E9935678877F06803EBA742CFDD8 ] Serviio         C:\Program Files\Serviio\bin\ServiioService.exe
23:49:01.0333 0x1d4c  Serviio - detected UnsignedFile.Multi.Generic ( 1 )
23:49:03.0685 0x1d4c  Detect skipped due to KSN trusted
23:49:03.0685 0x1d4c  Serviio - ok
23:49:03.0695 0x1d4c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:49:03.0730 0x1d4c  SessionEnv - ok
23:49:03.0733 0x1d4c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:49:03.0743 0x1d4c  sffdisk - ok
23:49:03.0746 0x1d4c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:49:03.0755 0x1d4c  sffp_mmc - ok
23:49:03.0758 0x1d4c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:49:03.0767 0x1d4c  sffp_sd - ok
23:49:03.0769 0x1d4c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:49:03.0777 0x1d4c  sfloppy - ok
23:49:03.0788 0x1d4c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:49:03.0816 0x1d4c  SharedAccess - ok
23:49:03.0826 0x1d4c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:49:03.0854 0x1d4c  ShellHWDetection - ok
23:49:03.0857 0x1d4c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:49:03.0865 0x1d4c  SiSRaid2 - ok
23:49:03.0868 0x1d4c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:49:03.0876 0x1d4c  SiSRaid4 - ok
23:49:03.0880 0x1d4c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:49:03.0904 0x1d4c  Smb - ok
23:49:03.0908 0x1d4c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:49:03.0917 0x1d4c  SNMPTRAP - ok
23:49:03.0919 0x1d4c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:49:03.0926 0x1d4c  spldr - ok
23:49:03.0940 0x1d4c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:49:03.0958 0x1d4c  Spooler - ok
23:49:04.0040 0x1d4c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:49:04.0122 0x1d4c  sppsvc - ok
23:49:04.0129 0x1d4c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:49:04.0153 0x1d4c  sppuinotify - ok
23:49:04.0168 0x1d4c  [ CFA0828E78FE714C71687982FA21A96E, 56F872D42F8A4DBAA1DC087AAEF86F6ECC9C198D9A5BF86A7BFCDC2176FC5C47 ] SQLAgent$SQLEXPRESS C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
23:49:04.0183 0x1d4c  SQLAgent$SQLEXPRESS - ok
23:49:04.0192 0x1d4c  [ 774C1D27B9ED5A420E11C2343B0FFF7B, 6C291CF9C9205D6F9BA43156E1EBB370CA11DD1656694F1B434E2E7F8AFBC6A4 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:49:04.0204 0x1d4c  SQLBrowser - ok
23:49:04.0209 0x1d4c  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:49:04.0219 0x1d4c  SQLWriter - ok
23:49:04.0231 0x1d4c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:49:04.0246 0x1d4c  srv - ok
23:49:04.0257 0x1d4c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:49:04.0271 0x1d4c  srv2 - ok
23:49:04.0277 0x1d4c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:49:04.0287 0x1d4c  srvnet - ok
23:49:04.0293 0x1d4c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:49:04.0319 0x1d4c  SSDPSRV - ok
23:49:04.0323 0x1d4c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:49:04.0347 0x1d4c  SstpSvc - ok
23:49:04.0350 0x1d4c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:49:04.0357 0x1d4c  stexstor - ok
23:49:04.0372 0x1d4c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:49:04.0393 0x1d4c  stisvc - ok
23:49:04.0396 0x1d4c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:49:04.0402 0x1d4c  swenum - ok
23:49:04.0415 0x1d4c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:49:04.0447 0x1d4c  swprv - ok
23:49:04.0481 0x1d4c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:49:04.0519 0x1d4c  SysMain - ok
23:49:04.0537 0x1d4c  [ 6B153E518DBE6EF59191152E1ECF7ED4, 0E3B703CE08CD310B81FD27D009D4E15DA582D06EC570B539BDA56FCADEA69FA ] t3              C:\Windows\system32\drivers\t3.sys
23:49:04.0555 0x1d4c  t3 - ok
23:49:04.0559 0x1d4c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:49:04.0572 0x1d4c  TabletInputService - ok
23:49:04.0581 0x1d4c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:49:04.0608 0x1d4c  TapiSrv - ok
23:49:04.0651 0x1d4c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:49:04.0690 0x1d4c  Tcpip - ok
23:49:04.0733 0x1d4c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:49:04.0772 0x1d4c  TCPIP6 - ok
23:49:04.0779 0x1d4c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:49:04.0788 0x1d4c  tcpipreg - ok
23:49:04.0791 0x1d4c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:49:04.0799 0x1d4c  TDPIPE - ok
23:49:04.0801 0x1d4c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:49:04.0808 0x1d4c  TDTCP - ok
23:49:04.0813 0x1d4c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:49:04.0821 0x1d4c  tdx - ok
23:49:04.0961 0x1d4c  [ F01CC856780524410EA86C07C39E5B77, 01C62D94D7FB7E411BAC2E2996BC09EBBDC0F3E03C62D06E1121DCB169AD6326 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
23:49:05.0058 0x1d4c  TeamViewer9 - ok
23:49:05.0066 0x1d4c  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
23:49:05.0072 0x1d4c  teamviewervpn - ok
23:49:05.0075 0x1d4c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:49:05.0083 0x1d4c  TermDD - ok
23:49:05.0099 0x1d4c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:49:05.0119 0x1d4c  TermService - ok
23:49:05.0122 0x1d4c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:49:05.0134 0x1d4c  Themes - ok
23:49:05.0138 0x1d4c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:49:05.0161 0x1d4c  THREADORDER - ok
23:49:05.0167 0x1d4c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:49:05.0191 0x1d4c  TrkWks - ok
23:49:05.0198 0x1d4c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:49:05.0222 0x1d4c  TrustedInstaller - ok
23:49:05.0226 0x1d4c  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:49:05.0234 0x1d4c  tssecsrv - ok
23:49:05.0238 0x1d4c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:49:05.0246 0x1d4c  TsUsbFlt - ok
23:49:05.0249 0x1d4c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:49:05.0256 0x1d4c  TsUsbGD - ok
23:49:05.0261 0x1d4c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:49:05.0284 0x1d4c  tunnel - ok
23:49:05.0288 0x1d4c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:49:05.0295 0x1d4c  uagp35 - ok
23:49:05.0304 0x1d4c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:49:05.0331 0x1d4c  udfs - ok
23:49:05.0336 0x1d4c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:49:05.0345 0x1d4c  UI0Detect - ok
23:49:05.0349 0x1d4c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:49:05.0356 0x1d4c  uliagpkx - ok
23:49:05.0359 0x1d4c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:49:05.0368 0x1d4c  umbus - ok
23:49:05.0370 0x1d4c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:49:05.0377 0x1d4c  UmPass - ok
23:49:05.0388 0x1d4c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:49:05.0416 0x1d4c  upnphost - ok
23:49:05.0421 0x1d4c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:49:05.0430 0x1d4c  usbaudio - ok
23:49:05.0434 0x1d4c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:49:05.0442 0x1d4c  usbccgp - ok
23:49:05.0447 0x1d4c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:49:05.0456 0x1d4c  usbcir - ok
23:49:05.0459 0x1d4c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:49:05.0467 0x1d4c  usbehci - ok
23:49:05.0477 0x1d4c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:49:05.0489 0x1d4c  usbhub - ok
23:49:05.0492 0x1d4c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:49:05.0500 0x1d4c  usbohci - ok
23:49:05.0502 0x1d4c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:49:05.0512 0x1d4c  usbprint - ok
23:49:05.0515 0x1d4c  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
23:49:05.0522 0x1d4c  usbser - ok
23:49:05.0526 0x1d4c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
23:49:05.0535 0x1d4c  USBSTOR - ok
23:49:05.0537 0x1d4c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:49:05.0545 0x1d4c  usbuhci - ok
23:49:05.0548 0x1d4c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:49:05.0571 0x1d4c  UxSms - ok
23:49:05.0573 0x1d4c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:49:05.0581 0x1d4c  VaultSvc - ok
23:49:05.0584 0x1d4c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:49:05.0591 0x1d4c  vdrvroot - ok
23:49:05.0603 0x1d4c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:49:05.0634 0x1d4c  vds - ok
23:49:05.0637 0x1d4c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:49:05.0647 0x1d4c  vga - ok
23:49:05.0649 0x1d4c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:49:05.0671 0x1d4c  VgaSave - ok
23:49:05.0678 0x1d4c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:49:05.0688 0x1d4c  vhdmp - ok
23:49:05.0691 0x1d4c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:49:05.0698 0x1d4c  viaide - ok
23:49:05.0701 0x1d4c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:49:05.0709 0x1d4c  volmgr - ok
23:49:05.0719 0x1d4c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:49:05.0731 0x1d4c  volmgrx - ok
23:49:05.0740 0x1d4c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:49:05.0751 0x1d4c  volsnap - ok
23:49:05.0757 0x1d4c  [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
23:49:05.0766 0x1d4c  VsEtwService120 - ok
23:49:05.0772 0x1d4c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:49:05.0781 0x1d4c  vsmraid - ok
23:49:05.0817 0x1d4c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:49:05.0866 0x1d4c  VSS - ok
23:49:05.0871 0x1d4c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:49:05.0880 0x1d4c  vwifibus - ok
23:49:05.0884 0x1d4c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:49:05.0895 0x1d4c  vwififlt - ok
23:49:05.0897 0x1d4c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:49:05.0908 0x1d4c  vwifimp - ok
23:49:05.0918 0x1d4c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:49:05.0947 0x1d4c  W32Time - ok
23:49:05.0951 0x1d4c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:49:05.0959 0x1d4c  WacomPen - ok
23:49:05.0963 0x1d4c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:49:05.0985 0x1d4c  WANARP - ok
23:49:05.0989 0x1d4c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:49:06.0012 0x1d4c  Wanarpv6 - ok
23:49:06.0043 0x1d4c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:49:06.0077 0x1d4c  wbengine - ok
23:49:06.0085 0x1d4c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:49:06.0099 0x1d4c  WbioSrvc - ok
23:49:06.0111 0x1d4c  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
23:49:06.0124 0x1d4c  WcesComm - ok
23:49:06.0134 0x1d4c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:49:06.0152 0x1d4c  wcncsvc - ok
23:49:06.0155 0x1d4c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:49:06.0163 0x1d4c  WcsPlugInService - ok
23:49:06.0166 0x1d4c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:49:06.0173 0x1d4c  Wd - ok
23:49:06.0192 0x1d4c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:49:06.0213 0x1d4c  Wdf01000 - ok
23:49:06.0218 0x1d4c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:49:06.0227 0x1d4c  WdiServiceHost - ok
23:49:06.0230 0x1d4c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:49:06.0239 0x1d4c  WdiSystemHost - ok
23:49:06.0246 0x1d4c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
23:49:06.0258 0x1d4c  WebClient - ok
23:49:06.0266 0x1d4c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:49:06.0292 0x1d4c  Wecsvc - ok
23:49:06.0297 0x1d4c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:49:06.0321 0x1d4c  wercplsupport - ok
23:49:06.0324 0x1d4c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:49:06.0348 0x1d4c  WerSvc - ok
23:49:06.0351 0x1d4c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:49:06.0373 0x1d4c  WfpLwf - ok
23:49:06.0375 0x1d4c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:49:06.0382 0x1d4c  WIMMount - ok
23:49:06.0384 0x1d4c  WinDefend - ok
23:49:06.0387 0x1d4c  WinHttpAutoProxySvc - ok
23:49:06.0398 0x1d4c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:49:06.0424 0x1d4c  Winmgmt - ok
23:49:06.0464 0x1d4c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
23:49:06.0507 0x1d4c  WinRM - ok
23:49:06.0515 0x1d4c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
23:49:06.0524 0x1d4c  WINUSB - ok
23:49:06.0545 0x1d4c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:49:06.0572 0x1d4c  Wlansvc - ok
23:49:06.0575 0x1d4c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:49:06.0583 0x1d4c  WmiAcpi - ok
23:49:06.0590 0x1d4c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:49:06.0601 0x1d4c  wmiApSrv - ok
23:49:06.0603 0x1d4c  WMPNetworkSvc - ok
23:49:06.0606 0x1d4c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:49:06.0614 0x1d4c  WPCSvc - ok
23:49:06.0618 0x1d4c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:49:06.0629 0x1d4c  WPDBusEnum - ok
23:49:06.0632 0x1d4c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:49:06.0654 0x1d4c  ws2ifsl - ok
23:49:06.0658 0x1d4c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
23:49:06.0671 0x1d4c  wscsvc - ok
23:49:06.0673 0x1d4c  WSearch - ok
23:49:06.0724 0x1d4c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:49:06.0777 0x1d4c  wuauserv - ok
23:49:06.0785 0x1d4c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:49:06.0813 0x1d4c  WudfPf - ok
23:49:06.0819 0x1d4c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:49:06.0830 0x1d4c  WUDFRd - ok
23:49:06.0834 0x1d4c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:49:06.0843 0x1d4c  wudfsvc - ok
23:49:06.0850 0x1d4c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:49:06.0862 0x1d4c  WwanSvc - ok
23:49:06.0867 0x1d4c  ================ Scan global ===============================
23:49:06.0869 0x1d4c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:49:06.0876 0x1d4c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
23:49:06.0885 0x1d4c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
23:49:06.0891 0x1d4c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:49:06.0899 0x1d4c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:49:06.0905 0x1d4c  [ Global ] - ok
23:49:06.0905 0x1d4c  ================ Scan MBR ==================================
23:49:06.0907 0x1d4c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:49:07.0007 0x1d4c  \Device\Harddisk0\DR0 - ok
23:49:07.0007 0x1d4c  ================ Scan VBR ==================================
23:49:07.0008 0x1d4c  [ 18154D2AB0A88C438808A961C3507C5A ] \Device\Harddisk0\DR0\Partition1
23:49:07.0009 0x1d4c  \Device\Harddisk0\DR0\Partition1 - ok
23:49:07.0011 0x1d4c  [ 5C644DD8C708AE2EC0E20CCEA8FEB4B8 ] \Device\Harddisk0\DR0\Partition2
23:49:07.0012 0x1d4c  \Device\Harddisk0\DR0\Partition2 - ok
23:49:07.0014 0x1d4c  [ 3C373EA1EDB79FDEBEB3EF6DE2C1ABF6 ] \Device\Harddisk0\DR0\Partition3
23:49:07.0015 0x1d4c  \Device\Harddisk0\DR0\Partition3 - ok
23:49:07.0015 0x1d4c  ================ Scan generic autorun ======================
23:49:07.0290 0x1d4c  [ BCFF8CD24809941E28C73185FC58CA39, 353CA65A5EAFAF5DEC777C422A1B842DAF84ED66626AF314670E49402B6DE994 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:49:07.0513 0x1d4c  RTHDVCPL - ok
23:49:07.0561 0x1d4c  [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
23:49:07.0600 0x1d4c  EvtMgr6 - ok
23:49:07.0617 0x1d4c  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
23:49:07.0634 0x1d4c  Windows Mobile Device Center - ok
23:49:07.0641 0x1d4c  [ 3D1C5578D1A7088142A1482DEB8E693B, 0F98C6B36EF814EDB613F7758EC11CAC93C01B003070C096898CAD3D2444A894 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
23:49:07.0647 0x1d4c  VolPanel - detected UnsignedFile.Multi.Generic ( 1 )
23:49:09.0981 0x1d4c  Detect skipped due to KSN trusted
23:49:09.0981 0x1d4c  VolPanel - ok
23:49:09.0982 0x1d4c  SPIRunE - ok
23:49:10.0000 0x1d4c  [ 20ECD0F17EA807112EEA89BD1135EF91, 79906A6225B30248DCE2AB6B6B2DF12399D1EB425969A85FBAAB2EA8389B7F60 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
23:49:10.0010 0x1d4c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
23:49:12.0352 0x1d4c  Detect skipped due to KSN trusted
23:49:12.0352 0x1d4c  StartCCC - ok
23:49:12.0390 0x1d4c  [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
23:49:12.0429 0x1d4c  avgnt - ok
23:49:12.0436 0x1d4c  [ 86069F4F421FB355C41FD734500E477F, CB4CE22C3298280B033105875079A373D7E1ADEA15F0F71A2095CCA50CF7E5A5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
23:49:12.0448 0x1d4c  Avira SystrayStartTrigger - ok
23:49:12.0463 0x1d4c  [ 44B946D5CE1079F60A2ACA2E8260456E, 6973CCB3830014B9A476E8DFADA593EE48C3BEAC6227F91D3B73C1400C8E82B3 ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
23:49:12.0478 0x1d4c  Directory Opus Desktop Dblclk - ok
23:49:12.0483 0x1d4c  [ 387FD826630C57270A42EC070F70F420, 9B18EF7FB5727DD89E44EFDE5A5A0F9CCDDAD5FDF37AD94C3048C53B8975CDC1 ] C:\Program Files (x86)\3RVX\3RVX.exe
23:49:12.0489 0x1d4c  3RVX - detected UnsignedFile.Multi.Generic ( 1 )
23:49:14.0823 0x1d4c  Detect skipped due to KSN trusted
23:49:14.0823 0x1d4c  3RVX - ok
23:49:14.0843 0x1d4c  [ 8380DA2C21B6F05F0F794030C5A7329E, 51A31BB49D1102E1006861C59133BC1D020C436BF04242FE29127C2D5BDD44F0 ] C:\Program Files (x86)\Monitor Off Utility\monoff.exe
23:49:14.0864 0x1d4c  Dekisoft Monitor Off Utility - detected UnsignedFile.Multi.Generic ( 1 )
23:49:17.0206 0x1d4c  Detect skipped due to KSN trusted
23:49:17.0206 0x1d4c  Dekisoft Monitor Off Utility - ok
23:49:17.0290 0x1d4c  [ 3DF5FF913964E3980175EC503B7CA5EF, 81F26E9DEB75FCEDCC34A116F755A74D5CC1BA55A513F082CD99206B3D679C8F ] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
23:49:17.0355 0x1d4c  Rainlendar2 - ok
23:49:17.0365 0x1d4c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
23:49:17.0372 0x1d4c  Dropbox Update - ok
23:49:17.0384 0x1d4c  [ 44B946D5CE1079F60A2ACA2E8260456E, 6973CCB3830014B9A476E8DFADA593EE48C3BEAC6227F91D3B73C1400C8E82B3 ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
23:49:17.0395 0x1d4c  Directory Opus Desktop Dblclk - ok
23:49:17.0396 0x1d4c  Volume2 - ok
23:49:17.0401 0x1d4c  [ 387FD826630C57270A42EC070F70F420, 9B18EF7FB5727DD89E44EFDE5A5A0F9CCDDAD5FDF37AD94C3048C53B8975CDC1 ] C:\Program Files (x86)\3RVX\3RVX.exe
23:49:17.0406 0x1d4c  3RVX - detected UnsignedFile.Multi.Generic ( 1 )
23:49:17.0407 0x1d4c  Detect skipped due to KSN trusted
23:49:17.0407 0x1d4c  3RVX - ok
23:49:17.0434 0x1d4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:49:17.0468 0x1d4c  Sidebar - ok
23:49:17.0472 0x1d4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:49:17.0485 0x1d4c  mctadmin - ok
23:49:17.0511 0x1d4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:49:17.0538 0x1d4c  Sidebar - ok
23:49:17.0543 0x1d4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:49:17.0555 0x1d4c  mctadmin - ok
23:49:17.0580 0x1d4c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:49:17.0607 0x1d4c  Sidebar - ok
23:49:17.0612 0x1d4c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:49:17.0624 0x1d4c  mctadmin - ok
23:49:17.0625 0x1d4c  Waiting for KSN requests completion. In queue: 8
23:49:18.0625 0x1d4c  Waiting for KSN requests completion. In queue: 8
23:49:19.0625 0x1d4c  Waiting for KSN requests completion. In queue: 8
23:49:20.0652 0x1d4c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
23:49:20.0657 0x1d4c  Win FW state via NFP2: enabled ( trusted )
23:49:23.0055 0x1d4c  ============================================================
23:49:23.0055 0x1d4c  Scan finished
23:49:23.0055 0x1d4c  ============================================================
23:49:23.0062 0x1418  Detected object count: 0
23:49:23.0062 0x1418  Actual detected object count: 0
         


Alt 02.04.2016, 16:49   #6
M-K-D-B
/// TB-Ausbilder
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Servus,




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
--> Wörter im Internet werden zu Links

Alt 02.04.2016, 19:01   #7
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Alles durchgeführt:
Logdatei von AdwCleaner:
Code:
ATTFilter
# AdwCleaner v5.108 - Bericht erstellt am 02/04/2016 um 18:24:52
# Aktualisiert am 30/03/2016 von Xplode
# Datenbank : 2016-03-30.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Robert - HOME-PC
# Gestartet von : C:\Users\Robert\Desktop\AdwCleaner_5.108.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : RunAsStdUser Task

***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\prefs.js] [Preference] gelöscht : user_pref("network.proxy.autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\")  (host == \"iview.abc.net.au\")  (host == \"iviewmetered-vh.ak[...]

*************************

:: "Tracing" schlüssel löschen
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1263 Bytes] - [02/04/2016 18:24:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [1186 Bytes] - [02/04/2016 18:23:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1409 Bytes] ##########
         
Logdatei von MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.04.2016
Suchlaufzeit: 18:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.02.04
Rootkit-Datenbank: v2016.03.30.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Robert

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 560292
Abgelaufene Zeit: 9 Min., 42 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.APNToolBar, C:\Users\Robert\AppData\Local\Temp\is-FT4M4.tmp\Offercast33_ATU3_.exe, In Quarantäne, [dc3022889bfec76f4cb1ea5cd42d738d], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Logdatei von JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Robert (Administrator) on 02.04.2016 at 18:51:05,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 58 

Successfully deleted: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de\searchplugins\mailcom-search.xml (File) 
Successfully deleted: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\user.js (File) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1O16CQCS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H4JIXWD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UA11Y9R (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ZPODYNA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69O76JHB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F049GJ5Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F7NZN8S6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FWLCTSIW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HXM7N2A8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JN57QVRU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JVJQG4IT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGZGBBTF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJU82QLY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZ1QAMYY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPBDVRBE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RW5CD3V3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5XHGTCO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8SMAKIT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKMG236M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UANMXFNV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V90VMHQQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W87021BS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y6VAK6HE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3U73B3S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1O16CQCS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H4JIXWD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UA11Y9R (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ZPODYNA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69O76JHB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F049GJ5Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F7NZN8S6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FWLCTSIW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HXM7N2A8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JN57QVRU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JVJQG4IT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGZGBBTF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJU82QLY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZ1QAMYY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPBDVRBE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RW5CD3V3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5XHGTCO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8SMAKIT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKMG236M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UANMXFNV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V90VMHQQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W87021BS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y6VAK6HE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3U73B3S (Temporary Internet Files Folder) 

Deleted the following from C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\prefs.js
user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.04.2016 at 18:52:08,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
logs von FRST folgen...

FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Robert (Administrator) auf HOME-PC (02-04-2016 18:54:16)
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert & MSSQL$SQLEXPRESS &  (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software)
HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe
HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13]
ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13]
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Extension: SmoothWheel (mozdev.org) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-05-30]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2015-05-30]
FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2015-05-30]
FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07]
FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\extensions\mailcheck@web.de [2016-03-16]
FF Extension: Avira Browser Safety - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\abs@avira.com [2016-03-16]
FF Extension: Glaze Black - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\glaze_black@www.theme-oasis.org.xpi [2012-02-13] [ist nicht signiert]
FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-01-27] [ist nicht signiert]
FF Extension: QuickTime Addon Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{46e25d74-0fa9-4e53-8bbe-7b0436aee36e}.xpi [2016-03-14] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-03-12]
FF Extension: NoScript - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-23]
FF Extension: Video DownloadHelper - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: HD Manager - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\wohgwd59.default\Extensions\{da6af166-be55-40e3-8656-d4896859809f}.xpi [2015-12-19] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation)
R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-02 18:54 - 2016-04-02 18:54 - 00019209 _____ C:\Users\Robert\Desktop\FRST.txt
2016-04-02 18:52 - 2016-04-02 18:52 - 00010232 _____ C:\Users\Robert\Desktop\JRT.txt
2016-04-02 18:48 - 2016-04-02 18:48 - 00001322 _____ C:\Users\Robert\Desktop\mbam.txt
2016-04-02 18:31 - 2016-04-02 18:31 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-02 18:31 - 2016-04-02 18:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-02 18:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-02 18:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-02 18:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-02 18:27 - 2016-04-02 18:27 - 00001491 _____ C:\Users\Robert\Desktop\AdwCleaner[C1].txt
2016-04-02 18:21 - 2016-04-02 18:24 - 00000000 ____D C:\AdwCleaner
2016-04-02 18:18 - 2016-04-02 18:18 - 01610352 _____ (Malwarebytes) C:\Users\Robert\Desktop\JRT.exe
2016-04-02 18:17 - 2016-04-02 18:17 - 22851472 _____ (Malwarebytes ) C:\Users\Robert\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-02 18:16 - 2016-04-02 18:16 - 03102720 _____ C:\Users\Robert\Desktop\AdwCleaner_5.108.exe
2016-04-01 23:46 - 2016-04-02 00:06 - 00207296 _____ C:\TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log.txt
2016-04-01 23:42 - 2016-04-01 23:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe
2016-04-01 20:12 - 2016-04-02 18:54 - 00000000 ____D C:\FRST
2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf
2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ C:\Users\Robert\Downloads\mavisau0316.pdf
2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf
2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-24 19:04 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-19 17:16 - 2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-14 22:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-14 22:41 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-14 22:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-14 22:41 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-06 18:11 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-06 18:11 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-06 18:11 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-06 18:11 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-06 18:11 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-02 18:54 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-02 18:54 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-02 18:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job
2016-04-02 18:47 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox
2016-04-02 18:47 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
2016-04-02 18:47 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2
2016-04-02 18:47 - 2014-05-17 10:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-02 18:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-02 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\ModemLogs
2016-04-02 18:34 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat
2016-04-02 18:34 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat
2016-04-02 18:34 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-02 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-01 23:58 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job
2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT
2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000
2016-03-27 08:52 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013
2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-06 18:11 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\atcMedia9881446679000.exe
C:\Users\Robert\AppData\Local\Temp\avgnt.exe
C:\Users\Robert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuygic8.dll
C:\Users\Robert\AppData\Local\Temp\GUR4375.exe
C:\Users\Robert\AppData\Local\Temp\GURCB03.exe
C:\Users\Robert\AppData\Local\Temp\i4jdel0.exe
C:\Users\Robert\AppData\Local\Temp\libeay32.dll
C:\Users\Robert\AppData\Local\Temp\msvcr120.dll
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
C:\Users\Robert\AppData\Local\Temp\sqlite3.dll
C:\Users\Robert\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 10:49

==================== Ende von FRST.txt ============================
         
Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-02 18:54:35)
Gestartet von C:\Users\Robert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled)
Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version:  - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH)
Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden
Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH)
Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden
foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version:  - Dekisoft)
Mozilla Firefox 15.0.1 (x86 de) (HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Serviio (HKLM\...\Serviio) (Version:  - )
SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads
Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads
Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1061047688-2763755289-2242981598-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542
FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542
FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53
FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67
FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68
FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53
FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53
FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe
FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

22-03-2016 13:11:53 Geplanter Prüfpunkt
24-03-2016 19:05:02 Windows Update
31-03-2016 19:09:40 Geplanter Prüfpunkt
02-04-2016 18:51:05 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/02/2016 06:46:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2016 06:26:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2016 09:12:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2016 09:10:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm thunderbird.exe, Version 38.7.1.5926 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b20

Startzeit: 01d18caea7d81385

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

Berichts-ID: 06bfaf1c-f8a2-11e5-81cf-5404a6c5872d

Error: (04/02/2016 09:09:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: YahooWidgets.exe, Version: 4.5.2.0, Zeitstempel: 0x47e05eca
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xfff6bfc8
ID des fehlerhaften Prozesses: 0xecc
Startzeit der fehlerhaften Anwendung: 0xYahooWidgets.exe0
Pfad der fehlerhaften Anwendung: YahooWidgets.exe1
Pfad des fehlerhaften Moduls: YahooWidgets.exe2
Berichtskennung: YahooWidgets.exe3

Error: (04/02/2016 09:09:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 05:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2016 07:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2016 05:33:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2016 05:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/02/2016 06:46:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/02/2016 06:26:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/02/2016 06:25:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/02/2016 06:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/02/2016 06:24:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/02/2016 06:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/02/2016 06:24:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2014-05-16 16:43:36.097
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-16 16:43:36.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8173.21 MB
Verfügbarer physikalischer RAM: 6082.97 MB
Summe virtueller Speicher: 16344.63 MB
Verfügbarer virtueller Speicher: 14267.84 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:11.71 GB) NTFS
Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 03.04.2016, 11:15   #8
M-K-D-B
/// TB-Ausbilder
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

Anschließend die neueste Version von Firefox downloaden und installieren:
https://www.mozilla.org/de/firefox/new/





Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Geändert von M-K-D-B (03.04.2016 um 11:42 Uhr)

Alt 03.04.2016, 14:19   #9
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Alles durchgeführt!
Hier die Logs:
FRST-Fix:
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-03 12:25:41) Run:1
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert & MSSQL$SQLEXPRESS (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.

========= RemoveProxy: =========

"HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 2.1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:26:12 ====
         
ESET:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c073ca0f0d55a5429a02f394337a299e
# engine=18306
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-17 06:56:45
# local_time=2014-05-17 08:56:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 19171 171024310 11951 0
# compatibility_mode=5893 16776573 100 94 102589 151982855 0 0
# scanned=964
# found=0
# cleaned=0
# scan_time=30
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c073ca0f0d55a5429a02f394337a299e
# engine=18306
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-17 07:17:20
# local_time=2014-05-17 09:17:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 20406 171025545 13186 0
# compatibility_mode=5893 16776573 100 94 103824 151984090 0 0
# scanned=189015
# found=0
# cleaned=0
# scan_time=1102
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c073ca0f0d55a5429a02f394337a299e
# end=init
# utc_time=2016-04-03 10:32:09
# local_time=2016-04-03 12:32:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28881
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c073ca0f0d55a5429a02f394337a299e
# end=updated
# utc_time=2016-04-03 10:34:28
# local_time=2016-04-03 12:34:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c073ca0f0d55a5429a02f394337a299e
# engine=28881
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-03 11:16:22
# local_time=2016-04-03 01:16:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 100 6507 57873048 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12739 211312032 0 0
# scanned=252163
# found=0
# cleaned=0
# scan_time=2514
         
HitmanPro:
Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : HOME-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Home-PC\Robert
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-04-03 14:10:03
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 2.331.858
   Files scanned . . . . : 56.049
   Remnants scanned  . . : 384.076 files / 1.891.733 keys

Suspicious files ____________________________________________________________

   C:\Users\Robert\Desktop\FRST64.exe
      Size . . . . . . . : 2.374.144 bytes
      Age  . . . . . . . : 1.7 days (2016-04-01 20:11:39)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 1CB35A93213562911D4E4218EFFCB9FC5A946B6E1A99509BCD2B5C936898D159
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Robert (Administrator) auf HOME-PC (03-04-2016 14:12:13)
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert & Administrator & MSSQL$SQLEXPRESS &  (Verfügbare Profile: Robert & Administrator & MSSQL$SQLEXPRESS)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Realtek) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(matt.malensek.net) C:\Program Files (x86)\3RVX\3RVX.exe
(Dekisoft) C:\Program Files (x86)\Monitor Off Utility\monoff.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Dropbox, Inc.) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Serviio\bin\ServiioConsole.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dekisoft Monitor Off Utility] => C:\Program Files (x86)\Monitor Off Utility\monoff.exe [430592 2009-08-31] (Dekisoft)
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [347792 2012-01-10] (GP Software)
HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe
HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [159232 2008-10-13] (matt.malensek.net)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1356440 2012-01-10] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [358000 2012-01-10] (GP Software)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2012-02-13]
ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-04-09]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2012-02-13]
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D24B0B43-001F-44C2-A1C3-F3FAA135C80B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ED62443B-E1E2-4206-B3D4-FFFF2D460E09}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-1061047688-2763755289-2242981598-500 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-11-05] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-18] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1061047688-2763755289-2242981598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Extension: Tab Mix Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-04-03]
FF Extension: Thunderbird Biff - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\{aee74dd0-6dc9-11db-9fe1-0800200c9a66}.xpi [2016-04-03]
FF Extension: WEB.DE MailCheck - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\extensions\toolbar@web.de [2016-04-03]
FF Extension: Download Status Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-04-03]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\cup2ftxf.default-1459675819417\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-03]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation)
R2 RealtekSE; C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-03 14:12 - 2016-04-03 14:12 - 00018862 _____ C:\Users\Robert\Desktop\FRST.txt
2016-04-03 14:09 - 2016-04-03 14:11 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-03 13:32 - 2016-04-03 13:32 - 11441744 _____ (SurfRight B.V.) C:\Users\Robert\Desktop\HitmanPro_x64.exe
2016-04-03 12:30 - 2016-04-03 12:30 - 02870984 _____ (ESET) C:\Users\Robert\Desktop\esetsmartinstaller_deu.exe
2016-04-03 12:25 - 2016-04-03 12:26 - 00001749 _____ C:\Users\Robert\Desktop\Fixlog.txt
2016-04-03 12:23 - 2016-04-03 12:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-03 09:43 - 2016-03-25 21:06 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-03 09:43 - 2016-03-25 20:54 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-03 09:43 - 2016-03-23 16:02 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-03 09:43 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-03 09:43 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-03 09:43 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-03 09:43 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-03 09:43 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-02 18:31 - 2016-04-02 18:31 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-02 18:31 - 2016-04-02 18:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-02 18:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-02 18:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-02 18:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-02 18:21 - 2016-04-02 18:24 - 00000000 ____D C:\AdwCleaner
2016-04-02 18:18 - 2016-04-02 18:18 - 01610352 _____ (Malwarebytes) C:\Users\Robert\Desktop\JRT.exe
2016-04-02 18:16 - 2016-04-02 18:16 - 03102720 _____ C:\Users\Robert\Desktop\AdwCleaner_5.108.exe
2016-04-01 23:46 - 2016-04-02 00:06 - 00207296 _____ C:\TDSSKiller.3.1.0.9_01.04.2016_23.46.45_log.txt
2016-04-01 23:42 - 2016-04-01 23:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe
2016-04-01 20:12 - 2016-04-03 14:12 - 00000000 ____D C:\FRST
2016-04-01 20:11 - 2016-04-01 20:11 - 02374144 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2016-03-31 22:32 - 2016-03-31 22:34 - 21595095 _____ C:\Users\Robert\Downloads\Audiovision Magazin April No 04 2016.pdf
2016-03-31 22:29 - 2016-03-31 22:30 - 19255143 _____ C:\Users\Robert\Downloads\mavisau0316.pdf
2016-03-29 15:06 - 2016-03-24 09:56 - 41532491 _____ C:\Users\Robert\Downloads\Digital Tested - April Mai 2016.pdf
2016-03-26 23:56 - 2016-03-26 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-24 19:04 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-24 19:04 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-24 19:04 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-24 19:04 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-24 19:04 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-24 19:04 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-24 19:04 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-24 19:04 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-24 19:04 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-24 19:04 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-24 19:04 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-19 17:16 - 2016-03-19 17:16 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-14 22:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-14 22:41 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-14 22:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-14 22:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-14 22:41 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-14 22:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-14 22:41 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-14 22:41 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-14 22:41 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-14 22:41 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-14 22:41 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-14 22:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-14 22:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-14 22:41 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-14 22:41 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-14 22:41 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-14 22:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-14 22:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-14 22:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-14 22:41 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-14 22:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-14 22:41 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-14 22:41 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-14 22:41 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-14 22:41 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-14 22:41 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-14 22:41 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-14 22:41 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-14 22:41 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-14 22:41 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-14 22:41 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-14 22:41 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-14 22:41 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-14 22:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-14 22:40 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-14 22:40 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-14 22:40 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-14 22:40 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-06 18:11 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-06 18:11 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-06 18:11 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-06 18:11 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-06 18:11 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-06 18:11 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-06 18:11 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-03 13:49 - 2015-06-18 14:55 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job
2016-04-03 12:37 - 2011-04-12 09:43 - 00822878 _____ C:\Windows\system32\perfh007.dat
2016-04-03 12:37 - 2011-04-12 09:43 - 00202558 _____ C:\Windows\system32\perfc007.dat
2016-04-03 12:37 - 2009-07-14 07:13 - 01941858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-03 12:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-03 12:36 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 12:36 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 12:29 - 2014-12-06 17:31 - 00000000 ___RD C:\Users\Robert\Dropbox
2016-04-03 12:29 - 2014-12-06 17:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
2016-04-03 12:29 - 2014-06-08 09:41 - 00000000 ____D C:\Users\Robert\.rainlendar2
2016-04-03 12:28 - 2012-04-24 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-03 12:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 12:25 - 2014-11-20 08:58 - 00000000 ____D C:\Users\Robert\AppData\LocalLow\Temp
2016-04-03 09:44 - 2015-04-15 09:16 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-02 23:49 - 2015-06-18 14:55 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job
2016-04-02 18:47 - 2014-05-17 10:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-02 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\ModemLogs
2016-04-01 18:25 - 2014-08-23 09:54 - 00000000 ____D C:\Users\Robert\Desktop\VT
2016-03-31 22:59 - 2012-02-13 16:40 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000
2016-03-24 23:41 - 2015-10-27 20:03 - 00000000 ____D C:\Users\Robert\Documents\Visual Studio 2013
2016-03-24 21:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 19:05 - 2015-04-05 22:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-14 22:47 - 2009-07-14 06:45 - 00344712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:44 - 2013-07-11 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-03-14 22:41 - 2012-02-13 13:14 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 20:50 - 2013-08-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-10 20:49 - 2013-08-05 22:35 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-10 20:49 - 2013-08-05 22:35 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 22:40 - 2015-11-12 19:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-26 12:49 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-01 22:47 - 2012-03-28 10:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-05-19 12:33 - 2014-11-17 22:05 - 0012800 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-13 21:36 - 2012-02-13 21:36 - 0000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 10:49

==================== Ende von FRST.txt ============================
         
Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Robert (2016-04-03 14:12:31)
Gestartet von C:\Users\Robert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-13 09:27:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1061047688-2763755289-2242981598-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1061047688-2763755289-2242981598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1061047688-2763755289-2242981598-1002 - Limited - Enabled)
Robert (S-1-5-21-1061047688-2763755289-2242981598-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10209 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{24732103-FE2A-D954-AFCC-7824D77B7CC6}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.816.0 - ATI Technologies) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dropbox (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.0184 - Edimax Technology Co.)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version:  - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Falk Navi-Manager (HKLM-x32\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH)
Falk Navi-Manager (x32 Version: 2.8.0 - Falk Navigation GmbH) Hidden
Falk Navi-Manager classic (HKLM-x32\...\{4A9135AC-592E-4767-B029-ADCAC182CCFA}) (Version: 2.11.0 - United Navigation GmbH)
Falk Navi-Manager classic (x32 Version: 2.11.0 - United Navigation GmbH) Hidden
foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.0.3.0 - GPSoftware)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
JabRef 2.7.2 (HKLM-x32\...\JabRef 2.7.2) (Version: 2.7.2 - JabRef Team)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
LyX 2.0.2-1 (HKLM-x32\...\LyX20) (Version: 2.0.2-1 - LyX Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014-Setup (Deutsch) (HKLM-x32\...\{DFEF8D74-5C1A-4437-9067-190F33AF2252}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server*2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Monitor Off Utility 1.0 (HKLM-x32\...\{10F0131F-1CA2-4433-8473-7C890C769581}_is1) (Version:  - Dekisoft)
Mozilla Firefox 15.0.1 (x86 de) (HKU\S-1-5-21-1061047688-2763755289-2242981598-500\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 38.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.1 (x86 de)) (Version: 38.7.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Serviio (HKLM\...\Serviio) (Version:  - )
SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM-x32\...\{2A231800-A7CF-4223-B8A3-1FD9057BAE96}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{6235C2AC-6365-46BC-8F39-366621479FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{095555F2-7F32-44F7-A59A-5F91B6FC6BA7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{0B2E8C4B-AFAD-4B21-AEB0-4AB36FA50719}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{174EDE05-B71E-410C-AADE-22C2DA8B0F35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{20715B03-94A4-422C-AF38-4EF9F4052219}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{528BD565-4549-4149-AAA2-43E927203DB7}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{5B90553F-5202-47C6-A608-94DE1CB632ED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{65BC4C98-7F65-40A9-8BE4-8B05F50EA118}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{69617E00-4C15-4EAC-AC0A-4670168D8C6F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{6B88424B-D65E-455E-A719-553BE18AF06A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{A240B964-0E23-4BC1-888D-39BAC4781793}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{AA1931BC-2F97-421C-9681-5C4181141EEE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{B707C2AF-83F0-4F14-B58D-A9179B87F37A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{BF67C7D6-666F-4EA4-B7CD-7205AF445657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{D4DCF277-789A-4DA8-B3D8-62B6AB9265C6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{DAA61697-3931-49E6-9041-F6CE2CAE9707}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E116A2FE-2C4D-4804-8D90-E6F9C326AB77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E4BCAE1F-E7DF-42FF-9390-2DD9B08AD487}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{E5DAAAA8-117D-4408-83E8-20CEAEFEAF77}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{EEADDEE5-8B1E-4490-9EC6-D95D015FF0AA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1061047688-2763755289-2242981598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {41FFCAEE-2287-4B65-B2B9-08D769F9925A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {527B7DC0-14D2-4C80-9ED6-C694D88B3F02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {63EBCA04-5BCC-4AA3-AA99-D6A05CE9A7F9} - System32\Tasks\{F707FCD1-161C-47D8-9188-370CC55260C3} => pcalua.exe -a C:\Users\Robert\Downloads\irfanview_plugins_433_setup.exe -d C:\Users\Robert\Downloads
Task: {65E7FD65-33CD-428B-A303-092DA6F6E61E} - System32\Tasks\{DE29D441-8030-44E6-A4C9-DDFC73CB2180} => pcalua.exe -a C:\Users\Robert\Downloads\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads
Task: {821C62C0-446C-4849-AC6D-4777BD464F28} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AC2EAA5A-6179-424A-A97A-B07C0288C316} - System32\Tasks\{A93EF223-6769-4FF7-B1EF-8B14E0672D6D} => pcalua.exe -a C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h\DarkOne301build20110302.exe -d C:\Users\Robert\Downloads\darkone_v3_0_1_by_tedgo-d33pj8h

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1061047688-2763755289-2242981598-1000UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-21 10:54 - 2015-03-21 10:54 - 00327680 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2012-02-13 13:52 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-05-13 18:36 - 2015-05-13 18:36 - 00178688 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\WaveLibMixer\41cd1da537156b6e85b5aa94831ccfa9\WaveLibMixer.ni.dll
2014-09-11 17:24 - 2014-09-11 17:24 - 00108032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\CoreAudioApi\7fd494c22406deed2dfcc8e29c82cb65\CoreAudioApi.ni.dll
2015-11-13 13:57 - 2015-11-13 13:57 - 02739240 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2015-03-21 10:54 - 2015-03-21 10:54 - 00368640 _____ () C:\Program Files\Serviio\bin\ServiioConsole.exe
2011-02-09 22:53 - 2011-02-09 22:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-13 11:48 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\PCIe Wireless LAN\EnumDevLib.dll
2015-08-14 08:31 - 2015-08-14 08:31 - 00252928 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2015-08-14 08:31 - 2015-08-14 08:31 - 00051200 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2014-05-04 12:48 - 2014-05-04 12:48 - 00197632 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2015-11-13 13:57 - 2015-11-13 13:57 - 00068136 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-05-04 12:49 - 2014-05-04 12:49 - 00027648 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2015-12-14 20:49 - 2016-02-23 20:19 - 00034768 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-19 17:16 - 2016-02-23 20:20 - 00019408 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00116688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 20:49 - 2016-02-23 20:19 - 00093640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00018376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00019760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00105928 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00392144 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00381752 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00692688 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020816 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 20:49 - 2016-02-23 20:20 - 00112592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 01682760 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 20:49 - 2016-03-12 02:18 - 00021840 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00038696 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-19 17:16 - 2016-02-23 20:21 - 00020936 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024528 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00114640 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00124880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00021832 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00175560 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00030160 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00043472 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00028616 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00048592 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00026456 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00057808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00117056 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00024392 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-19 17:16 - 2016-02-23 20:21 - 00036296 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00023376 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 20:49 - 2016-02-23 20:19 - 00134608 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-19 17:16 - 2016-02-23 20:19 - 00134088 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-19 17:16 - 2016-02-23 20:20 - 00240584 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00052024 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00021824 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00019776 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00020280 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 20:49 - 2016-02-23 20:21 - 00350152 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-11 09:37 - 2016-03-12 02:18 - 00022352 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00084792 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-19 17:16 - 2016-03-12 02:18 - 01826096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 20:49 - 2016-02-23 20:20 - 00083912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 03928880 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 01971504 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00531248 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00132912 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00223544 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00207672 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00158008 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00042808 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-19 17:16 - 2016-02-23 20:23 - 00017864 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-19 17:16 - 2016-02-23 20:23 - 01631184 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-14 20:49 - 2016-03-12 02:18 - 00024904 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00546096 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-19 17:16 - 2016-03-12 02:18 - 00357680 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-02-23 20:25 - 00697304 _____ () C:\Users\Robert\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-02-13 11:58 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-02-13 11:58 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 06:29 - 2009-08-26 06:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2008-01-09 00:50 - 2008-01-09 00:50 - 00349147 _____ () C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll
2008-03-19 02:21 - 2008-03-19 02:21 - 00512000 _____ () C:\Program Files (x86)\Yahoo!\Widgets\js32.dll
2008-03-19 02:21 - 2008-03-19 02:21 - 00094208 _____ () C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-03-26 23:56 - 2016-03-26 23:56 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-05-28 22:51 - 2015-05-28 22:51 - 00008704 _____ () C:\Users\Robert\AppData\Roaming\Thunderbird\Profiles\srisme7d.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-05-16 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1061047688-2763755289-2242981598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1061047688-2763755289-2242981598-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2AE12F74-1D52-45B7-A287-D87269E10D13}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{5E8E39E4-4198-49C1-A88A-CF65DB2C6DD2}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RtWLan.exe
FirewallRules: [{351A706A-524F-4CD7-8ADA-52E4D7846866}] => (Allow) LPort=1542
FirewallRules: [{40213A88-5FFA-41C1-8A17-123AE71B5A3E}] => (Allow) LPort=1542
FirewallRules: [{D129EB02-C30B-4D81-9506-6612A613E868}] => (Allow) LPort=53
FirewallRules: [{B9F7D531-C940-45CC-84DC-048C3C40AFFB}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{E9CA85F9-B5C7-4F1D-A9A3-0B678194D95C}] => (Allow) C:\Program Files (x86)\Edimax\PCIe Wireless LAN\RTLDHCP.exe
FirewallRules: [{016DEB10-2705-4C56-ADDF-9A515E9A5B1C}] => (Allow) LPort=67
FirewallRules: [{0B238EF6-7BC3-4D7E-8D8D-5427A40972DE}] => (Allow) LPort=68
FirewallRules: [{4055C5BC-F84C-4316-B298-4F043C57CA58}] => (Allow) LPort=53
FirewallRules: [{B4CBD794-D1C4-446D-83B0-C0F335A464D3}] => (Allow) LPort=53
FirewallRules: [{8479584B-D878-4D47-A8C0-8769E63058BE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{646807DC-5BB2-4497-B14E-576E499BD82B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [TCP Query User{48C7DD5D-0C99-4AC8-9816-D85869C1CFFB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DA1D7715-F811-4B21-8FA4-309584B6E388}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{3C743D18-DD3E-42A6-8EDA-A3B1224B0A74}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{CFF513EB-DC04-47F8-8233-74BBE6E5443E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3DDB80E0-6799-4261-B1FB-01A57C73F98B}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{418E2F3B-4FCB-46D6-B5C6-E4BD3E680C1E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{6329BEC6-E7F4-48F1-B480-553F6A207471}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E8DCE38-707B-4261-A350-469F17D68659}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{60017BA2-93A8-441D-9C29-62054CCA76EA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{ECA632B0-625E-47AD-B9BE-165281FA9244}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [TCP Query User{FAE5B579-E8E7-48AA-A5D5-783B3F4CFF79}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{E7A4CC03-A819-42AA-A250-1F9F342ECCE2}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{438FB0A1-B440-4C43-949B-B8D12180099D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BB2396C1-0A01-496C-8C7E-43F4E40F1F2D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3C0A383C-2ACE-4CFF-886E-4CD7B7F5CD09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C29755D3-ECB7-467D-AB98-25983FE603FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{95C19226-8416-4893-874C-E693E87459F2}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{CB36AE15-AA08-4B52-AB72-7E9604A16CE4}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{452F99B9-D52A-4DAA-B5CE-E5C7631B174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1C0164AC-A5E6-4AEB-88AC-C34B998245BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FFD5A33B-5E44-49A8-9B45-ACB601B60805}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D78F66A4-9612-45A7-BC91-4357759C3789}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B50C071C-3AE1-4639-9B36-92DF8C16637A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{4B15FF37-1016-4812-87A7-6B89FD1DA9BF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{CE012EBF-CF6A-4C0A-BCA6-181E4FA5902A}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [UDP Query User{8164AFF0-943E-48ED-A757-7AAE4E3ECA4F}C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe] => (Allow) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{8950CB1A-758E-4DA5-B35B-EAEDF2247726}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{7720CB72-EE19-43B5-8356-0CC9D1CA82DE}] => (Block) C:\users\robert\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe
FirewallRules: [{F0BF9464-0628-4330-806E-FC4F08323201}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C1E9A42-2660-4E78-8CC4-696A2515AC79}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DC97CBC-9814-4E9F-8F3F-450B3CC49698}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8640AB99-1027-48E8-B35F-E177067BE650}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{ECE08A8E-1793-4699-853E-4C69A2E9D10A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD41B7AE-D30A-49C4-9586-044EE4BDD78D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4262EAF-DA95-4775-9536-161F74638D82}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FB373347-5FAF-487E-ABEF-6F7B3A1E6F1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{625D6BF2-0A82-40C6-A5F7-FF1CD9E628FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{A67ADCA2-B694-4E26-9E61-883BAD6A50CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0D9D282C-F1B1-45DA-923D-71F8087E970C}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BE89447A-9315-47C8-BA7E-57BAD0143DEE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4C90BDE5-977E-4C90-8203-FA2C9F0213BA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FC498BF9-CCDB-4519-A40C-839BB3A2BBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{661B2E37-25FF-49AE-90FF-1943CB7CB447}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC17E03-2F70-49C3-A054-7336A7B1BD21}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [{4C527AF1-16A5-4821-8268-DBE283B0AB40}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{8BA7452F-DAB2-407C-9350-77FAF9D1B050}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{48FD7F1A-B2EB-4EB4-A603-4FB3B3CAB48E}] => (Allow) C:\Program Files\Serviio\bin\ServiioConsole.exe
FirewallRules: [{E5963B3D-D190-4A83-BAE7-15E0E18DD80B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{B3C099C3-12BA-4DDE-9979-508FDAD116D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E38B4B12-C687-46EF-90CE-B32EFC133E97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

24-03-2016 19:05:02 Windows Update
31-03-2016 19:09:40 Geplanter Prüfpunkt
02-04-2016 18:51:05 JRT Pre-Junkware Removal
03-04-2016 09:43:53 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/03/2016 12:32:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/03/2016 12:32:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/03/2016 12:32:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/03/2016 12:30:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/03/2016 12:28:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2016 12:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2016 12:19:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2016 09:45:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2016 09:17:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2016 07:07:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/03/2016 12:34:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/03/2016 12:34:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/03/2016 12:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/03/2016 12:33:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/03/2016 12:33:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/03/2016 12:33:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2014-05-16 16:43:36.097
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-16 16:43:36.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8173.21 MB
Verfügbarer physikalischer RAM: 5111.71 MB
Summe virtueller Speicher: 16344.63 MB
Verfügbarer virtueller Speicher: 12673.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:12.77 GB) NTFS
Drive d: () (Fixed) (Total:43.43 GB) (Free:18.81 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 53E941DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Frage:
Probleme gibt es aktuell keine mehr!

Vielen Dank für eure Hilfe!

Gruß
Fritz

Alt 04.04.2016, 15:12   #10
M-K-D-B
/// TB-Ausbilder
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 04.04.2016, 17:43   #11
Fritz83
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Hat alles wunderbar funktioniert und läuft vollkommen problemlos!
Vielen Dank! (siehe http://www.trojaner-board.de/177508-...-d-b-x-te.html

Gruß
Fritz

Alt 04.04.2016, 20:47   #12
M-K-D-B
/// TB-Ausbilder
 
Wörter im Internet werden zu Links - Standard

Wörter im Internet werden zu Links



Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Antwort

Themen zu Wörter im Internet werden zu Links
aktuelle, browser, desktop, einzelne, fenster, firefox, forum, fritz, hallo zusammen, heute, internet, kleines, laden, link, links, posten, programm, recovery, scan, seite, tab, tool, version, werbung, zusammen



Ähnliche Themen: Wörter im Internet werden zu Links


  1. Wörter plötzlich Links (unterstrichen, grüner Pfeil)
    Plagegeister aller Art und deren Bekämpfung - 03.04.2016 (7)
  2. Wörter im Internet werden zu Links (blau unterstrichen und mit grünen Pfeilen versehen)
    Plagegeister aller Art und deren Bekämpfung - 18.08.2015 (12)
  3. Im Internet werden Wörter blau markiert + Hyperlinks / Viel Werbung
    Log-Analyse und Auswertung - 07.03.2015 (30)
  4. Internet - Wörter werden blau / braun markiert - Werbung
    Log-Analyse und Auswertung - 28.02.2015 (13)
  5. Fenster öffnen sich und wörter werden blau unterstrichen (links)
    Plagegeister aller Art und deren Bekämpfung - 31.12.2014 (13)
  6. Blauer trojaner er unterstreicht mir blaue wörter manche mit links
    Log-Analyse und Auswertung - 25.07.2014 (11)
  7. Firefox erstellt lästige links auf verschiedene Wörter.
    Plagegeister aller Art und deren Bekämpfung - 14.03.2014 (10)
  8. Wörter werden plötzlich zu links, sind grün und doppelt unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 17.01.2014 (9)
  9. rvzr-a.akamaihd.net und blau unterstichene Wörter als Werbe-Links
    Plagegeister aller Art und deren Bekämpfung - 29.11.2013 (8)
  10. Mozilla Firefox: überall Werbung, unterstrichene Wörter mit Links, Weiterleitung zu Links
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (11)
  11. blaue, unterstrichene Wörter im Chrome mit Links auf komische Seiten
    Log-Analyse und Auswertung - 17.10.2013 (1)
  12. TubeSaver - wie entfernen? Im Browser sind plötzlich Werbung + unterstrichende Wörter mit Pop-Ups und Links
    Log-Analyse und Auswertung - 28.08.2013 (10)
  13. Internet langsam, Google-Links werden umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (25)
  14. Links bei Google werden umgeleitet und Internet scheint allgemein langsamer/stockend
    Log-Analyse und Auswertung - 20.11.2010 (9)
  15. links werden umgeleitet und werbe-links öffnen sich von allein (firefox)
    Log-Analyse und Auswertung - 08.04.2010 (18)
  16. firefox: links werden umgeleitet und werbe-links öffnen sich von allein
    Log-Analyse und Auswertung - 30.03.2010 (11)
  17. Probleme: Internet ist langsam geworden, Google links werden falsch geöfnet.
    Log-Analyse und Auswertung - 05.10.2008 (22)

Zum Thema Wörter im Internet werden zu Links - Hallo zusammen, Seit heute werden unregelmäßg einzelne Wörter eines Textes auf dem aktuell genutzten Tab im Firefox Browser (aktuelle Version: 42) zu Links, welche bei Mouse-over ein kleines Fenster mit - Wörter im Internet werden zu Links...
Archiv
Du betrachtest: Wörter im Internet werden zu Links auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.