Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 11.08.2016, 19:44   #1
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Hallo zusammen,

habe nun den zweiten Brief von der T Com bekommen, das bei mir wohl ein Virus/Tjojaner am Werk ist.
Nach Rückruf wurde mir der Name IRCBOT VIRUT genannt.
Wie bekomme ich da Ding jetzt wieder weg
Ich habe auch schon eine FRST.txt erstllt.....

VIELEN lieben DANK für Eure HIlfe


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 11-08-2016 01
durchgeführt von Ck (Administrator) auf CK-PC (11-08-2016 20:28:16)
Gestartet von C:\Users\Ck\Desktop
Geladene Profile: Ck (Verfügbare Profile: Ck)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Program Files\PC Beschleunigen\PCSUService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
() C:\Program Files\Winamp\winampa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5351184 2016-07-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Babylon Client] => C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [3460760 2012-07-30] (Babylon Ltd.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [SearchSettings] => C:\Program Files\pdfforge Toolbar\SearchSettings.exe
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-26] ()
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49315;https=127.0.0.1:49315
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:49315;https=127.0.0.1:49315
ProxyServer: [S-1-5-21-1965394401-2103718357-1127923810-1000] => http=127.0.0.1:49315;https=127.0.0.1:49315
AutoConfigURL: [S-1-5-21-1965394401-2103718357-1127923810-1000] => http=127.0.0.1:49315;https=127.0.0.1:49315
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100

Internet Explorer:
==================
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
URLSearchHook: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 - (Kein Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> DefaultScope {C3E6F08D-366C-4806-81AE-DA013DD94FC8} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.max-start.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=CEDA0022437B3CA6&affID=125036&tsp=5031
SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=cedae3900000000000000022437b3ca6&r=562
SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={618C921F-D468-475C-AA8E-47010B06B932}&mid=c78b2ac09d2e57d5c4b70b3084df8c77-5a73515d7d286b81fdb6302665c66b7a8f5e2d07&lang=de&ds=AVG&pr=fr&d=2012-06-07 12:50:30&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> {C3E6F08D-366C-4806-81AE-DA013DD94FC8} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_28&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FzyzzyE0FyByByCyE0EtAzytDtN0D0Tzu0StCyCyDyCtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyE0A0CyC0AyEyDtGtAyC0B0BtG0BtC0E0AtGyCzztCzztGzztB0D0DtAyC0EzyyEzzyDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDtDzy0A0C0FyBtG0FtD0EzytGyEtB0D0AtG0B0DtByDtGzz0B0A0CtAyB0Dzzzy0AtBtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtBtBtC%26cr%3D876104327%26a%3Dwbf_fs_16_28%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2012-07-30] (Babylon Ltd.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-20] (Google Inc.)
BHO: Kein Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Kein Name -> {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> C:\Program Files\pdfforge Toolbar\SearchSettings.dll => Keine Datei
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [2013-06-11] (Softonic.com)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-11] (DVDVideoSoft Ltd.)
Toolbar: HKLM - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [2013-06-11] (Softonic.com)
Toolbar: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Keine Datei
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-11] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! Powered
FF SelectedSearchEngine: Yahoo! Powered
FF Homepage: Google
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [Keine Datei]
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] ()
FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] ()
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop)
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp)
FF user.js: detected! => C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\user.js [2013-12-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.)
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\avg-secure-search.xml [2014-08-29]
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\conduit.xml [2012-05-08]
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31]
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\searchgol.xml [2013-10-10]
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\softonic.xml [2013-12-06]
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\yahoo! powered.xml [2016-07-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2014-08-26]
FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert]
FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-12-14] [ist nicht signiert]
FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-05-31] [ist nicht signiert]
FF Extension: Search Settings Plugin - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com [2013-05-31] [ist nicht signiert]
FF Extension: pdfforge Toolbar Plugin - C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF Extension: Babylon Translation Activation - C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26] [ist nicht signiert]
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Search-Gol Toolbar) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac [2013-12-24] [UpdateUrl: hxxp://img.delta-search.com/ext/chrome/update/update-delta.xml] <==== ACHTUNG
CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Babylon Translator) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-12-24] [UpdateUrl: hxxp://img.babylon.com/ext/chrome/update/update.xml] <==== ACHTUNG
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-24]
CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24]
CHR Extension: (Wajam) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Ck\AppData\Roaming\BabSolution\CR\searchgol.crx [2013-06-12]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [637944 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4093696 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [594904 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin)
R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin)
R2 PCSUService; C:\Program Files\PC Beschleunigen\PCSUService.exe [206336 2011-07-20] () [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-07-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert]
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255744 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [191744 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [217344 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-07-30] (Phoenix Technologies) [Datei ist nicht signiert]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Downloads\tdsskiller.exe
2016-08-11 20:28 - 2016-08-11 20:28 - 00035844 _____ C:\Users\Ck\Desktop\FRST.txt
2016-08-11 20:28 - 2016-08-11 20:28 - 00000000 ____D C:\FRST
2016-08-11 20:26 - 2016-08-11 20:26 - 01744384 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe
2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin
2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip
2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf
2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf
2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-02 23:23 - 2016-06-14 16:57 - 02398208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-02 23:23 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-02 23:23 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-02 23:23 - 2016-06-10 21:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-02 23:23 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-02 23:23 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-02 23:23 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-02 23:23 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-02 23:23 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-02 23:23 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-02 23:23 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-02 23:23 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-02 23:23 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-02 23:23 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-02 23:23 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-02 23:23 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-02 23:23 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-02 23:23 - 2016-06-10 20:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-02 23:23 - 2016-06-10 20:35 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-02 23:23 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-02 23:23 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-02 23:23 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-02 23:23 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-02 23:23 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-02 23:23 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-02 23:23 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-02 23:23 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-02 23:23 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-02 23:23 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-02 23:23 - 2016-06-10 20:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-02 23:23 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-02 23:23 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-02 23:23 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-02 23:23 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-02 23:23 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-02 23:23 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner
2016-07-18 17:35 - 2016-07-18 17:35 - 00052681 _____ C:\Users\Ck\Downloads\Rechnung_200000333.pdf
2016-07-18 17:34 - 2016-07-18 17:34 - 00265746 _____ C:\Users\Ck\Downloads\TGFSQ-5Z6ULWVDJE.pdf
2016-07-18 17:34 - 2016-07-18 17:34 - 00265729 _____ C:\Users\Ck\Downloads\LCHCZ-AYPQQ4RHZB.pdf
2016-07-18 17:34 - 2016-07-18 17:34 - 00265690 _____ C:\Users\Ck\Downloads\ECQXA-Y9TE9BPJHX.pdf
2016-07-18 17:34 - 2016-07-18 17:34 - 00265679 _____ C:\Users\Ck\Downloads\XUSQZ-BSM9NG5HWX.pdf
2016-07-14 21:28 - 2016-07-14 21:28 - 01065040 _____ C:\Users\Ck\Downloads\FRITZ.Box Fon WLAN 7390 84.06.51_14.07.16_2128.export
2016-07-14 21:09 - 2016-07-14 21:09 - 01061298 _____ C:\Users\Ck\Downloads\FRITZ.Box Fon WLAN 7390 84.06.30_14.07.16_2108.export
2016-07-14 21:05 - 2016-07-14 21:05 - 00000000 ____D C:\Users\Ck\Downloads\german
2016-07-14 20:58 - 2016-07-14 20:58 - 00000000 ____D C:\ProgramData\ByteFence
2016-07-14 20:48 - 2016-08-11 20:24 - 00000000 ____D C:\Program Files\ByteFence
2016-07-14 20:48 - 2016-07-17 10:59 - 00000000 ____D C:\Users\Ck\AppData\Local\{BD3A8B66-9992-E7DE-F40A-C236D0623EAE}
2016-07-14 20:48 - 2016-07-14 20:49 - 00000000 ____D C:\Users\Ck\AppData\Local\Setup1274699
2016-07-14 20:48 - 2016-07-14 20:48 - 00000000 ____D C:\Users\Ck\AppData\Roaming\{BD678BDC-9835-E6AA-F303-C1782FD13C46}
2016-07-14 20:48 - 2016-07-14 20:48 - 00000000 ____D C:\Users\Ck\AppData\Local\sesi
2016-07-14 19:13 - 2016-07-14 19:13 - 00313366 _____ C:\Users\Ck\Downloads\WindowsUpdateDiagnostic.diagcab
2016-07-14 19:09 - 2016-07-14 19:09 - 00073525 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0062016_vom_30.06.2016_20160714070945.pdf
2016-07-14 19:09 - 2016-07-14 19:09 - 00066709 _____ C:\Users\Ck\Downloads\KundenmitteilungRechnungsabschluss_777964016_vom_30.06.2016_20160714070940.pdf
2016-07-14 19:05 - 2016-07-14 19:05 - 03838492 _____ (LIGHTNING UK!) C:\Users\Ck\Downloads\SetupImgBurn_2.5.8.0.exe
2016-07-14 17:10 - 2016-07-14 17:27 - 1940455424 _____ C:\Users\Ck\Downloads\ct_2016_12.iso
2016-07-13 21:19 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-13 21:19 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-13 21:19 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-13 21:19 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-13 21:19 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-13 21:19 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-13 21:19 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-07-13 21:19 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-07-13 21:19 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-07-13 21:18 - 2016-05-12 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-13 21:18 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-13 21:18 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-13 21:18 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-13 21:18 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-13 21:18 - 2016-05-12 16:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-13 21:18 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-13 21:18 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-13 21:18 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-13 21:18 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-13 21:18 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-13 21:18 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-13 21:18 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-13 21:18 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-13 21:18 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-13 21:18 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-13 21:18 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-13 21:18 - 2016-04-14 17:38 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-07-13 21:18 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-07-13 21:18 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-07-13 21:18 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-07-13 21:18 - 2016-04-14 17:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-07-13 21:18 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-07-13 21:18 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-07-13 21:17 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-13 21:17 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-13 21:17 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-13 21:17 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-13 21:17 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-13 21:17 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-07-13 21:17 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-13 21:17 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-13 21:17 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-13 21:17 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-13 21:17 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-13 21:17 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-07-13 21:11 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-11 20:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-11 20:24 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData
2016-08-11 20:23 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox
2016-08-11 20:21 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-11 20:20 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-10 17:56 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-10 17:56 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-10 17:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job
2016-08-07 22:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager
2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt
2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk
2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager
2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox
2016-08-04 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job
2016-08-04 13:17 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache
2016-08-02 23:58 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 23:43 - 2013-05-31 15:45 - 01601228 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-02 23:43 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat
2016-08-02 23:43 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat
2016-08-02 23:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-02 23:36 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-08-02 23:28 - 2013-06-12 08:33 - 141983760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-02 21:47 - 2015-11-09 09:23 - 00000910 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-08-02 21:47 - 2014-04-01 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp
2016-07-23 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2016-07-20 16:27 - 2009-09-30 22:04 - 00000000 ____D C:\Users\Ck\AppData\Roaming\vlc
2016-07-15 16:13 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-14 21:27 - 2016-04-22 12:04 - 00000000 ____D C:\Users\Ck\Desktop\The.Gift.German.DL.AC3.Dubbed.720p.BluRay.x264-PsO
2016-07-14 21:24 - 2016-04-22 12:07 - 00000000 ____D C:\Users\Ck\Desktop\The.Revenant.-.Der.Rueckkehrer.DVDScr.LD.German.x264-PsO
2016-07-14 20:51 - 2016-03-11 17:20 - 00000000 ____D C:\Users\Ck\Downloads\LUPUSEC
2016-07-14 19:15 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics
2016-07-13 22:26 - 2009-03-25 19:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-13 21:38 - 2010-06-13 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-12 18:25 - 2013-12-24 21:54 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-12 18:25 - 2013-12-24 21:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-12 18:25 - 2009-03-27 14:36 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt
2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss
2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini
2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ck\CAPITEST.exe


Einige Dateien in TEMP:
====================
C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe
C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe
C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll
C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-07 19:24

==================== Ende vom FRST.txt ============================
         
--- --- ---

Alt 11.08.2016, 19:45   #2
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 11-08-2016 01
durchgeführt von Ck (2016-08-11 20:29:24)
Gestartet von C:\Users\Ck\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2013-05-31 13:55:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1965394401-2103718357-1127923810-500 - Administrator - Disabled)
Ck (S-1-5-21-1965394401-2103718357-1127923810-1000 - Administrator - Enabled) => C:\Users\Ck
Gast (S-1-5-21-1965394401-2103718357-1127923810-501 - Limited - Disabled)
Sonos (S-1-5-21-1965394401-2103718357-1127923810-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4Free Video Converter 2 (HKLM\...\{7061301A-0D44-432F-859D-AF705DA2C81F}_is1) (Version:  - 4Free Studio)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (Version: 16.91.7690 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4633 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies)
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{F2B03BB1-D679-4FFF-951D-3058A669A823}) (Version: 1.3.1 - AVM Berlin)
Babylon (HKLM\...\Babylon) (Version:  - Babylon)
Brother P-touch Editor 5.0 (HKLM\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.032 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (Version: 5.0.032 - Brother Industries, Ltd.) Hidden
ByteFence Anti-Malware (HKLM\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ACHTUNG
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
CANON IMAGE GATEWAY Registrierungsanleitung (HKLM\...\DV CIG Guide) (Version: 1.0.0.2 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.4.0.8 - )
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.0.3 - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
Canon MP620 series Benutzerregistrierung (HKLM\...\Canon MP620 series Benutzerregistrierung) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - )
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.0.0.8 - )
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.1.15 - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - )
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.0.1.248 - )
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
CloneCD (HKLM\...\CloneCD) (Version:  - SlySoft)
CMS (HKLM\...\CMS1.0.0.32) (Version: 1.0.0.32 - wapa)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
Cuttermaran 1.67 (HKLM\...\{5D5E101E-6E25-4497-944E-373D9DB20A07}) (Version: 1.6.7 - toarnold)
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1616 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2609 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2806 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2718 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1531 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.5611 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1412 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DE (Version: 3.0 - Corel Corporation) Hidden
Device Manager (HKLM\...\Device Manager) (Version:  - )
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version:  - )
Dropbox (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project)
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - )
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Free HD Converter V 1.4 (HKLM\...\Free HD Converter_is1) (Version: 1.4.0.0 - Koyote Soft)
Free PDF to Word Converter 1.5 (HKLM\...\Free PDF to Word Converter_is1) (Version:  - Free-PDF-to-Word.com)
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
FRITZ!Powerline (HKLM\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Gigaset M100 Data (HKLM\...\Gigaset M100 Data) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HDIPCamera V1.0.1.2 (HKLM\...\HDIPCamera_is1) (Version:  - HDIPCamera)
Helium (HKLM\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Help 2 Speak 1.2 (HKLM\...\Help 2 Speak for Windows Mobile Classic & Pro_is1) (Version:  - Arena Games Studios)
ImageMixer 3 SE (HKLM\...\{82C19692-571C-45D2-BAF2-278225787A35}) (Version: 3.00.038 - PIXELA)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
KeePass Password Safe 2.31 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LightScribe System Software (HKLM\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Thunderbird (2.0.0.23) (HKLM\...\Mozilla Thunderbird (2.0.0.23)) (Version: 2.0.0.23 (de) - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
NetSurveillance (HKLM\...\NetSurveillance) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 5.3.1 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Beschleunigen - Vollständige Deinstallation (HKLM\...\PCSU-SL_is1) (Version: 2.1.5 - Speedchecker Limited) <==== ACHTUNG
PC Connectivity Solution (HKLM\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PCSpeedUp Application (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\3121358167.PC Speed Up - Clean, optimize and get a faster PC now!) (Version:  - PC Speed Up - Clean, optimize and get a faster PC now!) <==== ACHTUNG
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v1.0 (HKLM\...\{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}) (Version: 1.00.0000 - GreenTree Applications, Inc.) <==== ACHTUNG
PDVR (HKLM\...\PDVR168.5.5.26) (Version: 168.5.5.26 - Wapa)
QuickStores-Toolbar 1.0.0 (HKLM\...\QuickStores-Toolbar_is1) (Version: 1.0.0 - AB-Tools.com) <==== ACHTUNG
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5783 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Search-Gol Chrome Toolbar (HKLM\...\Search-Gol Chrome Toolbar) (Version:  - Search-Gol) <==== ACHTUNG
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Softonic toolbar  on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ACHTUNG
SolidWorks eDrawings 2010 (HKLM\...\{059D6814-73F9-480B-B0B2-D6428F1C1F99}) (Version: 10.2.122 - Dassault Systèmes SolidWorks Corp.)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
Wajam (HKLM\...\WaIntEnhance) (Version: 2.23.2.8 (i2.6) - WaIntEnhance) <==== ACHTUNG
WebPlugin 1.0.3.39 (HKLM\...\WebPlugin) (Version: 1.0.3.39 - My company, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wireshark 1.8.5 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{85B13DC2-AB8D-45E9-B0AB-ABE72EC66DD7}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9a1ff289-f2d3-55c6-993d-c7a95c923a04}\InprocServer32 -> C:\Program Files\VVVIPCamera\npRTPlayer.dll (RunTop)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{d3005645-a2c0-5fcf-b52e-40d1c93b6b46}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll (webnp)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02AE60CC-4705-41A6-91E6-50ABF7D83302} - System32\Tasks\{268125EB-A08A-470F-B017-A0AF0455DCBC} => pcalua.exe -a C:\Users\Ck\Downloads\Active(1).exe -d C:\Users\Ck\Downloads
Task: {127E8E32-2CF0-4CF0-950F-C0B8EA35A50B} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== ACHTUNG
Task: {25198102-EC51-45EB-9E96-3F1A00598D7E} - System32\Tasks\{E442D925-062B-4048-92DD-81B6E5D4EBC7} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\MyMobile123_06152008.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {2A93CF91-7D23-4C00-AC9F-80B34E45359D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)
Task: {2D771066-A4F3-46BF-8CA3-9CAFDA14E3C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2E8F338E-D82C-4BE0-A37E-D30BC60BE7CD} - System32\Tasks\{DA74A66F-ED8F-4CB5-818F-EA45C9EEAD30} => pcalua.exe -a L:\Mail\portable_thunderbird_2.0.0.6_win_de\portablethunderbird.exe -d L:\Mail\portable_thunderbird_2.0.0.6_win_de
Task: {39704CCB-91C6-4FCE-ADB3-55BFC4B12B7E} - System32\Tasks\{25DFB1E6-A77D-4292-9046-FBC6E033A8D1} => pcalua.exe -a C:\Users\Ck\Desktop\cms_en_hbw_setup.exe -d C:\Users\Ck\Desktop
Task: {4F8E0ADA-3D61-42EB-990F-9E3DCA4192F7} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe [2015-11-22] ()
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {628D65C8-3315-4964-8E2E-A3333ECCF05F} - System32\Tasks\{1CC5E591-F6A7-4E18-8935-6150C7ADBBD3} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {66813AAB-BC6C-4DF1-AD7C-1FA047F5CFBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {6A8C4CC9-938F-4B6F-BF0F-DCD924790CEE} - System32\Tasks\{71F44B15-7CB1-4B86-BD60-D6CD264CF120} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/privacy
Task: {71CB78DC-3465-4B72-A2C5-F2347E83C5C7} - System32\Tasks\{69EF8CEA-F288-4F17-9417-BBF04DE439FB} => pcalua.exe -a C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023.exe -d C:\Users\Ck\Downloads
Task: {720D1503-4901-4D3A-AE34-C2A846495526} - System32\Tasks\{D210CFB3-7484-4E0D-A07E-00A804913C1F} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\RUU_Topaz_S_HTC_GER_2.16.407.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {786C056D-F7DD-4F91-A4C8-592D795E66B2} - System32\Tasks\{FDBDBBE2-3B9F-4E39-B60C-9A5E520FB6BE} => pcalua.exe -a C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe -d "C:\Program Files\Logitech\SetPoint"
Task: {7882BC03-0A35-4B7C-8824-612F8992586E} - System32\Tasks\{4930B6A3-896D-4B89-B490-928D2E8409F2} => pcalua.exe -a E:\setup.exe -d E:\
Task: {83A6087A-B895-43E6-8B49-141E3604079B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B570972-C515-4AA6-AA33-FD3720281B78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8F3C77A0-80DE-4FF6-AB16-9BEED1651B92} - System32\Tasks\{FBD2B4DA-3B72-4A59-A46D-20A920C322A0} => pcalua.exe -a C:\Users\Ck\Downloads\dotnetfx3setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A1819EA4-5CA1-40C3-AD8F-82CE890AEEDB} - System32\Tasks\{226C3DB4-BC58-406E-843A-7343C8C18171} => pcalua.exe -a "C:\Users\Ck\Downloads\XDA-HTC\_HTC Touch Diamond2_RUU_Topaz_S_Vodafone_DE_2.16.162.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe" -d C:\Users\Ck\Downloads\XDA-HTC
Task: {A3A35131-2635-4486-AB91-A5DD9BDD36F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording]
Task: {AFD815CF-6434-41A1-8ADE-2B62CF9B1F7C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-20] (Google) <==== ACHTUNG
Task: {B58C017E-761D-451C-AB1A-D1879E73B069} - System32\Tasks\{4BD28B09-9A1B-4A69-BA90-67C98CB290E5} => pcalua.exe -a "C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2\NewActive.exe" -d C:\Users\Ck\Desktop
Task: {B6D39B96-0714-4D74-BB26-3C28909655BF} - System32\Tasks\{723229ED-F780-4C7B-98CB-3F4C06D62E95} => pcalua.exe -a C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20\CMS.exe -d C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20
Task: {B7EDDC49-2A82-4201-99A1-2F0C4F4A7561} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BD00CA6F-0897-4711-813F-89264B56E755} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {BEB85EF8-764D-4908-AAD9-0B659819E7FE} - System32\Tasks\{0E8F34EC-4494-4A2C-AFF3-11CA2F5B4C90} => pcalua.exe -a "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&amp;surf_6_0\instmsia.exe" -d "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&amp;surf_6_0"
Task: {C03989FD-EAF4-41A9-AF33-707D79307A78} - System32\Tasks\{7AF1BA91-2A03-4427-9720-C576FE3DD4F8} => pcalua.exe -a "C:\Program Files\DAEMON Tools Lite\uninst.exe" -d "C:\Program Files\DAEMON Tools Lite"
Task: {C146D4B7-1BE2-41D1-B2C5-C5A514E2BCF7} - System32\Tasks\{AE2FEAEC-AF5B-49E4-AEE0-D09143669355} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/abandoninstall?page=tsBing
Task: {C542AE38-6F6C-4C03-BF32-23C131C96C9B} - System32\Tasks\FCBfan => C:\Users\Ck\AppData\Roaming\FCBfan\fcbfan.exe <==== ACHTUNG
Task: {C7C4EE56-B8AA-4351-81BD-0A6D455AC43B} - System32\Tasks\{6A6AB472-58DE-4906-B2C1-C452BD9DBA22} => pcalua.exe -a C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -c -maintain plugin
Task: {D89A30EF-DA26-4944-B61D-4241FE07E0D6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E29110D1-140F-4436-88B5-AE82F41F7645} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E8232C5C-94D3-4837-90DC-746D038E2DF3} - System32\Tasks\{34D13FC3-38F9-492B-B933-0F652EB35694} => pcalua.exe -a C:\Users\Ck\Downloads\Active.exe -d C:\Users\Ck\Downloads
Task: {F2E8B3A8-A3BD-41F4-BA6E-7ADCA98B02F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {F440BE00-829C-40EF-8625-F7DDE569FEE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-08-24 17:51 - 2011-07-20 13:37 - 00206336 _____ () C:\Program Files\PC Beschleunigen\PCSUService.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-04-22 16:09 - 2009-02-25 09:13 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2016-07-14 20:58 - 2016-07-14 20:58 - 00254264 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2014-08-11 13:05 - 2014-08-11 13:04 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-08-11 13:05 - 2014-08-11 13:04 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2016-07-14 20:58 - 2016-07-14 20:58 - 00564024 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-05-29 21:58 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-27 16:32 - 2008-08-27 16:32 - 00619816 _____ () C:\Program Files\HomeCinema\Power2Go\CLMediaLibrary.dll
2008-06-09 09:55 - 2008-06-09 09:55 - 00013096 _____ () C:\Program Files\HomeCinema\Power2Go\CLMLSvcPS.dll
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2014-07-04 10:22 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2014-07-04 10:22 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-07-04 10:22 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll
2014-07-04 10:22 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-07-04 10:22 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-07-04 10:22 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2014-05-17 08:50 - 2014-08-26 05:43 - 02640408 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2016-04-07 18:15 - 2016-04-07 18:15 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00182272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\97fe9e5d3c179b88a47a355e3d497461\Kies.Common.DeviceServiceLib.Interface.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 15017472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\2b03fce391135d2616e3ca1f41e4d3f9\Kies.Theme.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed992385c10d33321704bbba68a32c66\Kies.UI.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2904a13c0bdf6fab78e97ed5e5349855\Kies.MVVM.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00233984 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\2ae6e946b06d8ca8c1f09e28006ac538\ASF_cSharpAPI.ni.dll
2014-08-25 06:39 - 2009-07-20 12:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-07 17:57 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-12 17:48 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-07 17:57 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-07-12 17:48 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-07 17:57 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-07 17:57 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-07 17:57 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-08-07 17:57 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 09:52 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-05-25 14:38 - 2016-05-25 14:38 - 00106776 _____ () C:\Program Files\ByteFence\x86\lz4_x86.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\dyndns.org -> hxxp://fruechtemtz.dyndns.org
IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\no-ip.org -> hxxp://teufelsbox.no-ip.org

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2016-08-11 20:20 - 00001961 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 5 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.115.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7ADE6780-8950-4568-AE42-156E26523817}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{21A2A72D-C72E-48F1-81DA-6DA6C22D8159}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{75A3EED0-6127-4849-9403-C0FB7996B247}] => (Allow) LPort=26675
FirewallRules: [{599FEA04-953A-40D2-9E33-8850A8AF5D82}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{317049B1-7474-4657-B639-180C2192B20D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{46B83F69-94C7-495B-9F1D-B3E1A3403443}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8E7DEC09-287A-4881-85A3-701E56D7F9E3}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{8522B942-7D77-4A85-9775-B0B13002DCD8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{85A74167-4A6B-43C0-B5CB-13278338AB69}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [TCP Query User{603E47FC-65E5-4244-9184-64B737B7A60A}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [UDP Query User{1D4156AD-EAC5-4103-9C53-228167735AA1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{D5B3DD8A-548D-4477-9EAA-95262B1AA269}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CA0F2C7F-986E-4C53-A52C-3EBD9267074A}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [TCP Query User{080598C6-ED4E-45F5-9FB7-677AB378C334}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{72E75FBE-C146-4E5E-83F3-D28D0B210D50}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{5A21343C-6687-4048-A8B2-2A7E87911F08}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{B9B6546E-DBF0-40E0-A25E-07EB2C1A5449}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{4A7DDA3D-40C0-4FC6-81DD-0FEB9B07AF3F}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [UDP Query User{3D8D522F-6C42-4FA2-A127-66DA0B637A2E}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{5DF8515A-676D-40BB-8352-3989E2D9E6E3}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [{7360A445-A3CB-445A-A7DA-AB308364F275}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [{AFA72526-5207-437D-9A9C-243B050D89D9}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [UDP Query User{454A84A6-26BB-48AE-8E31-E67A875CD1CB}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{8D5C2EC7-24D9-4ADA-A8A7-9DB1C572FCDD}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{C1014B50-AF56-488F-903D-C92996D9CAD8}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [TCP Query User{31086841-A3ED-4164-B74E-3BC4A5745CE4}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [UDP Query User{28311615-6F20-478D-9805-E6AF9BA990B0}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [TCP Query User{C75E9A32-9B92-4135-9745-B1D7A517A62B}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [UDP Query User{7AAAAC3B-2EF3-4FC7-9E9F-4930BBCF0C4F}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{3571DEE7-180D-460A-B99D-6598A17DDAA7}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [UDP Query User{0EA37256-1A6C-43AA-9B79-ED34D9AD86D6}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [TCP Query User{A2EE00DF-DA65-45C4-BD89-17ACE5BAF15E}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [UDP Query User{B5770EFC-5DD2-4FE2-98F0-71C0E0E5B583}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [TCP Query User{BF6008EA-FC83-4EAB-9024-C5F59AE5D3DD}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [UDP Query User{2708DB09-F52E-425B-BBD9-BFD51ACF273F}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{798FA436-9103-436C-98B7-5B310751EF00}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{94A1B95C-8BD9-49D7-9E59-975A0700D048}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{5615D64E-F202-46C2-9C3F-1A5DE2EE756D}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{3E6A057A-F868-4CC8-AE7F-B2DE4C7C267E}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{5A6A03BC-8AC5-482B-8A81-9DD1191C935A}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{F5D27E35-B63D-4456-B9EB-D364DB20C0E4}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{173BEF30-E791-4D07-BC0A-67B9E67DFF01}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{996748D8-A0A1-4DB6-B683-81E91CEA7370}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{0EC9DE4F-B1C3-4EBC-AE09-DC4EC7A1F21A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{878E3AB6-44C1-46E6-B568-F0117D8374B2}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C6110339-8D5E-4F2D-BFE4-414D3F8DE6B0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{E20F74A9-6056-4999-B500-7AAB54F89043}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{C524683F-328A-467C-ACB5-A130E4568F30}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [UDP Query User{CA5855DA-53D5-4697-B811-A24FFDD4012D}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{9DE8B423-B3A5-4F29-B155-DF31DE15D8E7}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{238B0185-2155-471B-9425-DE106D3BDFC4}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{3B17293C-4C00-4881-9180-000B36F690C8}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{67031F9B-7197-41CC-B5E5-071B3E3AAAB8}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{0D69F73B-7BF1-40FC-BF4E-F263DD772249}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{5D1A37DB-9536-4516-ABF4-F30B2C542D16}] => (Allow) LPort=26675
FirewallRules: [{7BC04F0B-A432-405C-9781-CF5D493E1D7B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{8F6029F4-FD1F-40EF-9014-EEE098FA3215}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [UDP Query User{64B44A5C-73C4-4356-A671-7F09E17784AD}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [TCP Query User{2C362057-AA33-4E24-BED8-64DE3F9B91D4}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [{840ED993-7ABA-41B1-A0D3-496FC341389F}] => (Allow) LPort=26675
FirewallRules: [{8A6221CD-694D-4BE2-AF91-CF07C8389BBA}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{D892051C-056C-4FB3-9222-BAB0D91D525E}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{5C5D76A8-3840-4349-97B5-C5C189D9C722}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{C6EB1591-5865-4589-89C2-E3915E42F284}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{44E3F3DA-D2F3-46F4-954A-4CD56F505E7E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{56696065-60CE-4100-BBC1-68EBE5C1C3B0}] => (Allow) svchost.exe
FirewallRules: [{BDA30BF2-C41B-43AB-98ED-F5E0CEBCFB9F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B46585A-C0E7-4CCB-82FE-0B402D6E2D8A}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [TCP Query User{F041C875-D884-4721-88AE-EAEEB1AE6C37}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [UDP Query User{B0849B15-63AC-4D25-908D-BF27778AD19D}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [TCP Query User{CA8DB31F-C3F4-4B5D-9314-9AAF36C30AF4}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [UDP Query User{9A981ECF-A2C7-42D8-AD98-09669E5D306C}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{0B5987A1-65A8-45A2-83B6-E4C32043AB48}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2CCEA8DE-6165-4F72-81D8-C074E23BD01F}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{896B5766-6732-4338-B6F9-BFC31E6AD5A2}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{28B899BC-5A1B-43C4-A8B2-136E72F6AD86}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{577AC29F-7498-49BC-B51A-700BD45B6D16}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{1C664FE5-209C-4E59-952F-8AA498DF9D38}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{E4955CC9-D470-406C-9197-6A6A0964EB31}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{6F21AB69-04C5-49B6-B62C-BEAB94BBADE8}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [TCP Query User{B14C26DC-59BF-4450-9A8E-517114A1B828}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [UDP Query User{B0477CBA-6117-4144-A3ED-A1F622840314}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [{3A51ED74-5852-4624-8D5B-3C7F27B34814}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{347B8B36-BF63-4117-8F74-59201E414E81}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C0B052A0-EE5E-4F0F-B02C-9B39D690E289}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4F123978-DDCC-4C7D-8983-C28F0AAC37C3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4CDA9912-8BCF-4A9C-8E93-1EB248EC814C}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{6593E86B-F059-4D27-93EE-42E62B37FB37}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{E078E7CD-4300-498A-8962-BB78FC59226D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B9DE3BB7-7CF1-4092-B18D-0A1C35594858}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{85F34518-7490-424B-8AB5-4F42419523BE}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{19CA2410-D39C-4F2E-9F64-7420B3FA291C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E26CE404-BD83-450C-960D-BC6FB43934DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2DA798A6-223B-476D-8F79-813C9F93C735}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{25D52EF8-F436-4E35-8C52-EE52F2573908}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E1996656-6977-4E9E-ADA7-3E160AECF691}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{443F9370-1E62-48A8-A632-A8C37F37BC2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3BA3523F-3CCF-4AA2-8796-C02F3B10792C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{07BCA684-9F01-4175-84C5-1EF94BBB8441}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6A713E75-8990-4BC2-B421-187DD1B01F9B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{C153EA66-1D83-49F9-A95E-425139115092}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [UDP Query User{A27F579C-298D-49FE-B298-B60ADDA8BA97}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [TCP Query User{B02F92D4-281E-48DF-AB03-EF43E5EAC785}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [UDP Query User{AF9BFE9A-4654-4ED8-B114-CFC27FF91AD1}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [{09F80C0D-913B-4F46-A587-6817106CEBE8}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [{EFCC012B-F4D9-46E6-993B-9945C0DB520E}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [TCP Query User{DC10596F-6D4D-416E-942C-2C48DFF69592}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [UDP Query User{8C425570-FA19-4772-8083-9F301306B1FE}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [{51718A97-F258-4584-AB8B-ACC380823A66}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [{3D87C3A0-A733-41A7-9E8E-3ABD89667C6B}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [TCP Query User{DD1F36BE-AAB9-4E09-8DFE-A296265C0A48}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [UDP Query User{F7E647C6-B35C-4745-B8D3-B43F8CD93F75}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{6D852816-5AFB-4412-9C7F-9557CE3B9D87}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{68A50DFD-454B-42E6-A718-0E8812760048}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [TCP Query User{3E0A1CB6-3E43-4D11-AE44-FEDDD1706D7F}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [UDP Query User{84CBC649-C200-4A8A-8825-18526A177F74}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [{E66B4D10-CEED-4700-99B2-0094DC3352D9}] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [TCP Query User{0BFB32C7-CD29-46DB-8CA2-141F86B9A937}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [UDP Query User{FE7D0C21-5AB8-472D-B50F-B30045A1368B}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{A97A3298-81B9-44EA-A54A-57461C60B58B}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{C42B7E11-A936-4661-87FF-3B6B4FC433CC}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{93FDD038-375F-47C5-B099-210C2CD956D1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DD93A56E-FB80-4B42-8D67-CC50C40250A4}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A5BAEC36-35BA-4432-A686-5FB7D4553F92}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{93682502-70C5-4CD6-A523-B95BFC6F4869}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{EAB66A79-D3AF-44CC-9ABC-1086881AC862}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{04262082-E829-41EB-BE46-443E1C0BE11A}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{1B065B1D-3877-457C-830F-507BC3D732BA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

22-07-2016 00:00:06 Geplanter Prüfpunkt
02-08-2016 22:50:21 Geplanter Prüfpunkt
02-08-2016 23:24:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Description: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AzureWave Technologies, Inc.
Service: netr28u
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2016 08:21:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2016 05:55:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2016 05:36:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2016 11:35:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 11:59:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 09:29:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2016 01:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ByteFence.exe, Version: 2.3.0.0, Zeitstempel: 0x57683013
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a7a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c3b03
ID des fehlerhaften Prozesses: 0x1150
Startzeit der fehlerhaften Anwendung: 0xByteFence.exe0
Pfad der fehlerhaften Anwendung: ByteFence.exe1
Pfad des fehlerhaften Moduls: ByteFence.exe2
Berichtskennung: ByteFence.exe3

Error: (07/23/2016 09:34:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2016 06:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/11/2016 08:21:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/11/2016 08:19:57 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/10/2016 05:54:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/10/2016 05:53:05 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/07/2016 05:35:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/07/2016 05:34:18 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/04/2016 11:35:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/04/2016 11:33:56 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/02/2016 11:59:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/02/2016 11:57:10 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.


CodeIntegrity:
===================================
  Date: 2013-05-31 12:34:57.912
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.633
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.071
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:56.775
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:23.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.566
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.271
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:21.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 3326.18 MB
Verfügbarer physikalischer RAM: 1051.25 MB
Summe virtueller Speicher: 6650.68 MB
Verfügbarer virtueller Speicher: 4483.9 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:116.45 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:8.84 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F98D6E74)

==================== Ende vom Addition.txt ============================
         
--- --- ---
__________________


Alt 11.08.2016, 19:54   #3
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Code:
ATTFilter
20:50:46.0081 0x1bc8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
20:50:49.0324 0x1bc8  ============================================================
20:50:49.0324 0x1bc8  Current date / time: 2016/08/11 20:50:49.0324
20:50:49.0324 0x1bc8  SystemInfo:
20:50:49.0324 0x1bc8  
20:50:49.0324 0x1bc8  OS Version: 6.1.7601 ServicePack: 1.0
20:50:49.0324 0x1bc8  Product type: Workstation
20:50:49.0324 0x1bc8  ComputerName: CK-PC
20:50:49.0324 0x1bc8  UserName: Ck
20:50:49.0324 0x1bc8  Windows directory: C:\Windows
20:50:49.0324 0x1bc8  System windows directory: C:\Windows
20:50:49.0324 0x1bc8  Processor architecture: Intel x86
20:50:49.0324 0x1bc8  Number of processors: 4
20:50:49.0324 0x1bc8  Page size: 0x1000
20:50:49.0324 0x1bc8  Boot type: Normal boot
20:50:49.0324 0x1bc8  CodeIntegrityOptions = 0x00000000
20:50:49.0324 0x1bc8  ============================================================
20:50:49.0548 0x1bc8  KLMD registered as C:\Windows\system32\drivers\97523810.sys
20:50:49.0548 0x1bc8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23418, osProperties = 0x0
20:50:50.0039 0x1bc8  System UUID: {3F06C4F9-2B3F-54A5-59EC-8E249973F4E5}
20:50:50.0581 0x1bc8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:50:50.0592 0x1bc8  ============================================================
20:50:50.0592 0x1bc8  \Device\Harddisk0\DR0:
20:50:50.0592 0x1bc8  MBR partitions:
20:50:50.0592 0x1bc8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x71F04800
20:50:50.0623 0x1bc8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x71F0503F, BlocksNum 0x2800982
20:50:50.0623 0x1bc8  ============================================================
20:50:50.0667 0x1bc8  C: <-> \Device\Harddisk0\DR0\Partition1
20:50:50.0699 0x1bc8  D: <-> \Device\Harddisk0\DR0\Partition2
20:50:50.0699 0x1bc8  ============================================================
20:50:50.0699 0x1bc8  Initialize success
20:50:50.0699 0x1bc8  ============================================================
20:51:29.0724 0x12f4  ============================================================
20:51:29.0724 0x12f4  Scan started
20:51:29.0724 0x12f4  Mode: Manual; SigCheck; TDLFS; 
20:51:29.0724 0x12f4  ============================================================
20:51:29.0724 0x12f4  KSN ping started
20:51:29.0798 0x12f4  KSN ping finished: true
20:51:32.0820 0x12f4  ================ Scan system memory ========================
20:51:32.0820 0x12f4  System memory - ok
20:51:32.0820 0x12f4  ================ Scan services =============================
20:51:33.0040 0x12f4  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:51:33.0167 0x12f4  1394ohci - ok
20:51:33.0211 0x12f4  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:51:33.0230 0x12f4  ACPI - ok
20:51:33.0250 0x12f4  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:51:33.0313 0x12f4  AcpiPmi - ok
20:51:33.0469 0x12f4  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:51:33.0483 0x12f4  AdobeARMservice - ok
20:51:33.0595 0x12f4  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:51:33.0612 0x12f4  AdobeFlashPlayerUpdateSvc - ok
20:51:33.0681 0x12f4  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:51:33.0717 0x12f4  adp94xx - ok
20:51:33.0746 0x12f4  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:51:33.0766 0x12f4  adpahci - ok
20:51:33.0784 0x12f4  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:51:33.0800 0x12f4  adpu320 - ok
20:51:33.0850 0x12f4  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:51:33.0871 0x12f4  AeLookupSvc - ok
20:51:33.0944 0x12f4  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
20:51:33.0987 0x12f4  AFD - ok
20:51:34.0006 0x12f4  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:51:34.0020 0x12f4  agp440 - ok
20:51:34.0084 0x12f4  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
20:51:34.0098 0x12f4  aic78xx - ok
20:51:34.0146 0x12f4  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
20:51:34.0213 0x12f4  ALG - ok
20:51:34.0272 0x12f4  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:51:34.0285 0x12f4  aliide - ok
20:51:34.0303 0x12f4  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:51:34.0317 0x12f4  amdagp - ok
20:51:34.0330 0x12f4  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:51:34.0343 0x12f4  amdide - ok
20:51:34.0392 0x12f4  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:51:34.0451 0x12f4  AmdK8 - ok
20:51:34.0466 0x12f4  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:51:34.0507 0x12f4  AmdPPM - ok
20:51:34.0550 0x12f4  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:51:34.0565 0x12f4  amdsata - ok
20:51:34.0586 0x12f4  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:51:34.0602 0x12f4  amdsbs - ok
20:51:34.0620 0x12f4  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:51:34.0633 0x12f4  amdxata - ok
20:51:34.0688 0x12f4  [ C7F5CAE0B450BE875EEE0E6DDFA771FE, 4FDDC802C245606C8A9140F8DF3445FDD6F7112A516F68A04EA15CEB92852E67 ] AppID           C:\Windows\system32\drivers\appid.sys
20:51:34.0750 0x12f4  AppID - ok
20:51:34.0765 0x12f4  [ 8333787D8FCA460C0DD70436464A8A8D, 00AE5CE2FB2DF53B5850B561120A29F757A482115E4D8A52D8033502A45B138D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:51:34.0792 0x12f4  AppIDSvc - ok
20:51:34.0840 0x12f4  [ 5EBE43384E25C3885833D5D8B4C6A143, C935BAEA51A418FBD30B3C9321D51963EF797D28A4DFF6CBB144A673BBA1C687 ] Appinfo         C:\Windows\System32\appinfo.dll
20:51:34.0867 0x12f4  Appinfo - ok
20:51:34.0958 0x12f4  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:51:34.0973 0x12f4  arc - ok
20:51:34.0984 0x12f4  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:51:34.0999 0x12f4  arcsas - ok
20:51:35.0173 0x12f4  [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:51:35.0211 0x12f4  aspnet_state - ok
20:51:35.0276 0x12f4  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:51:35.0334 0x12f4  AsyncMac - ok
20:51:35.0397 0x12f4  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:51:35.0410 0x12f4  atapi - ok
20:51:35.0487 0x12f4  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:51:35.0560 0x12f4  AudioEndpointBuilder - ok
20:51:35.0575 0x12f4  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:51:35.0598 0x12f4  Audiosrv - ok
20:51:35.0840 0x12f4  [ CAF8BC64B176E0538DD8E48843362BCD, 22DB7FBEE6C86E8083F40E4D355E97A123DCC9337E1B48F75A40CD6971576846 ] AvgAMPS         C:\Program Files\AVG\Av\avgamps.exe
20:51:35.0879 0x12f4  AvgAMPS - ok
20:51:35.0968 0x12f4  [ B4FE5254D70F41057C291DB346066EBD, 5F9A55D0E0F124A8F35703D83877F5618684870DDE9AC669BB12111242860452 ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
20:51:35.0987 0x12f4  Avgdiskx - ok
20:51:36.0149 0x12f4  [ 22DECED310A21212D1EDB8D4D21F3C7B, EC3C584BB6CEA7B7B8F226CCD120E52619824720896E4E06965A4BBC1C1EECBC ] AVGIDSAgent     C:\Program Files\AVG\Av\avgidsagent.exe
20:51:36.0274 0x12f4  AVGIDSAgent - ok
20:51:36.0348 0x12f4  [ C6532F264B429847561172D6FCAF47D5, 660CCCC12D24D53A5C578F25AA30862B6F03490401E1CB53265CC9D5DE51CFE4 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
20:51:36.0370 0x12f4  AVGIDSDriver - ok
20:51:36.0427 0x12f4  [ D7E4BF5EEAD9FD6AE1787B61DFC44D02, 74E198EED4F71E316E74A160799261E6A6E417DC0350D775271F92E9F32275B1 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
20:51:36.0447 0x12f4  AVGIDSHX - ok
20:51:36.0493 0x12f4  [ B6226F1D3146C8CE136366CEB5DBD256, 929E8A8AB33CDE2A005F5264C1614969BE7A7BF0450D1F0C51CC2E631FA7361B ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
20:51:36.0507 0x12f4  AVGIDSShim - ok
20:51:36.0522 0x12f4  [ 94D54A39739EF82F39A4FB0DB507ED6E, 6DE810BC1B65E7CFC42AE0EF80052AEFD4DD04F14ED76BBF46EDE29ADCC4A1A1 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
20:51:36.0542 0x12f4  Avgldx86 - ok
20:51:36.0604 0x12f4  [ 4BFCE82C91F94ADE7B806C13AA8304AB, 240B466CE2B10AFF5E0B48BD450261A299484D84C8053EDFFD2ED0F57B5E6057 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
20:51:36.0626 0x12f4  Avglogx - ok
20:51:36.0656 0x12f4  [ 674165AFB0870A916688EB7E5F42666C, E46CA51DDC1B0F862BCEDBD409F1CA52506CBE07E2FCBF035DF610917F15AF6B ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
20:51:36.0691 0x12f4  Avgmfx86 - ok
20:51:36.0742 0x12f4  [ C4204EC9C5FDF51121EF0BD41F11E5C4, 3138D1B28A1B09C19FDCB5033F36F529D0B47B8C031CF70A43C0174BBBB6522E ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
20:51:36.0758 0x12f4  Avgrkx86 - ok
20:51:36.0892 0x12f4  [ 538191D31E96EE5EE30A00EFCCFC222A, E3DD5473257DE824E6602D13C3CC659A531715F73B6F353A3DC0206D291DEEA6 ] avgsvc          C:\Program Files\AVG\Framework\Common\avgsvcx.exe
20:51:36.0929 0x12f4  avgsvc - ok
20:51:36.0984 0x12f4  [ AFA94FA2E24B2AD948E639DC7508337A, FCE03381DFA6CDF3E9B6AEC58ADF6BDA9792233A07CA0C040E8954CC8E6E0B97 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
20:51:37.0018 0x12f4  Avgtdix - ok
20:51:37.0061 0x12f4  [ D15D2E9F5567075740B88F16F01810D6, 09086182352B0901D886B1F588F141DFC1E68CF0CA62BA399F841E1C96DFDFEF ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:51:37.0074 0x12f4  avgtp - ok
20:51:37.0116 0x12f4  [ F575E50DC611A7D27D635A95B7E5B0FA, 634D5DD30058E3067B8CE26EB4FDC3D9DA869FEA64C747EFFAF80636E02DC1F0 ] Avgunivx        C:\Windows\system32\DRIVERS\avgunivx.sys
20:51:37.0146 0x12f4  Avgunivx - ok
20:51:37.0211 0x12f4  [ 97E8EA87A5764E7637611D9D7CF24A1E, ACE4FD9FFACF1E799BBA97076EFEBE71D2CDCD6B3A89CC1E31192C825F7DB504 ] avgwd           C:\Program Files\AVG\Av\avgwdsvcx.exe
20:51:37.0244 0x12f4  avgwd - ok
20:51:37.0345 0x12f4  [ 2A37D2DD959166531F7172CD1DE21964, EE4E19F83760C7CA03075315DC291A351D045C132958E28D3801A6D68409C349 ] avmike          C:\Program Files\FRITZ!Fernzugang\avmike.exe
20:51:37.0361 0x12f4  avmike - ok
20:51:37.0423 0x12f4  [ F161CF8F628130B464E6A908723D488C, 95D40B679C132989B6031CC566235033400DA88006CF258F1CEFFB0D105E3B5B ] AVMPowerlineService C:\Program Files\FRITZ!Powerline\PowerlineService.exe
20:51:37.0456 0x12f4  AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 )
20:51:37.0498 0x12f4  Detect skipped due to KSN trusted
20:51:37.0498 0x12f4  AVMPowerlineService - ok
20:51:37.0575 0x12f4  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:51:37.0647 0x12f4  AxInstSV - ok
20:51:37.0713 0x12f4  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
20:51:37.0754 0x12f4  b06bdrv - ok
20:51:37.0781 0x12f4  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:51:37.0800 0x12f4  b57nd60x - ok
20:51:37.0866 0x12f4  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
20:51:37.0924 0x12f4  BDESVC - ok
20:51:37.0977 0x12f4  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:51:38.0003 0x12f4  Beep - ok
20:51:38.0068 0x12f4  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
20:51:38.0105 0x12f4  BFE - ok
20:51:38.0177 0x12f4  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
20:51:38.0304 0x12f4  BITS - ok
20:51:38.0350 0x12f4  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:51:38.0364 0x12f4  blbdrive - ok
20:51:38.0387 0x12f4  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:51:38.0467 0x12f4  bowser - ok
20:51:38.0480 0x12f4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:51:38.0535 0x12f4  BrFiltLo - ok
20:51:38.0554 0x12f4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:51:38.0569 0x12f4  BrFiltUp - ok
20:51:38.0600 0x12f4  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
20:51:38.0625 0x12f4  Browser - ok
20:51:38.0683 0x12f4  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:51:38.0766 0x12f4  Brserid - ok
20:51:38.0783 0x12f4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:51:38.0817 0x12f4  BrSerWdm - ok
20:51:38.0858 0x12f4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:51:38.0873 0x12f4  BrUsbMdm - ok
20:51:38.0885 0x12f4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:51:38.0899 0x12f4  BrUsbSer - ok
20:51:38.0916 0x12f4  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:51:38.0932 0x12f4  BTHMODEM - ok
20:51:38.0989 0x12f4  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
20:51:39.0028 0x12f4  bthserv - ok
20:51:39.0087 0x12f4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:51:39.0138 0x12f4  cdfs - ok
20:51:39.0182 0x12f4  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:51:39.0212 0x12f4  cdrom - ok
20:51:39.0273 0x12f4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:51:39.0299 0x12f4  CertPropSvc - ok
20:51:39.0362 0x12f4  [ 17DEE799B508DCF61A3B60DBE1CBAABB, 1D821DA08F01A05F95EF24BC4A437EE7B5CF6796DB0A51B0E0602147BE65D245 ] certsrv         C:\Program Files\FRITZ!Fernzugang\certsrv.exe
20:51:39.0374 0x12f4  certsrv - ok
20:51:39.0425 0x12f4  [ 7B4AA3F4435950130BC0D9AC6F32DF36, 72EA4DC369145F00F45CC3D0BD3821DBBF0B46E59CDC7FE5C0E2C829C603BB8F ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
20:51:39.0438 0x12f4  CGVPNCliService - ok
20:51:39.0494 0x12f4  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:51:39.0531 0x12f4  circlass - ok
20:51:39.0570 0x12f4  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
20:51:39.0590 0x12f4  CLFS - ok
20:51:39.0683 0x12f4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:51:39.0698 0x12f4  clr_optimization_v2.0.50727_32 - ok
20:51:39.0745 0x12f4  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:51:39.0792 0x12f4  clr_optimization_v4.0.30319_32 - ok
20:51:39.0837 0x12f4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:51:39.0873 0x12f4  CmBatt - ok
20:51:39.0901 0x12f4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:51:39.0914 0x12f4  cmdide - ok
20:51:39.0967 0x12f4  [ AEC572F808592750F4C0880CFF94EEA5, 51B85CE1779D45A813CD33B527F418992A9494C1F0A190C59EB091A0E683F427 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:51:39.0994 0x12f4  CNG - ok
20:51:40.0006 0x12f4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:51:40.0019 0x12f4  Compbatt - ok
20:51:40.0030 0x12f4  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:51:40.0068 0x12f4  CompositeBus - ok
20:51:40.0093 0x12f4  COMSysApp - ok
20:51:40.0148 0x12f4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:51:40.0161 0x12f4  crcdisk - ok
20:51:40.0213 0x12f4  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:51:40.0261 0x12f4  CryptSvc - ok
20:51:40.0323 0x12f4  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:51:40.0378 0x12f4  DcomLaunch - ok
20:51:40.0435 0x12f4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
20:51:40.0490 0x12f4  defragsvc - ok
20:51:40.0559 0x12f4  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:51:40.0585 0x12f4  DfsC - ok
20:51:40.0624 0x12f4  [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:51:40.0638 0x12f4  dg_ssudbus - ok
20:51:40.0716 0x12f4  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:51:40.0769 0x12f4  Dhcp - ok
20:51:40.0858 0x12f4  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:51:40.0902 0x12f4  DiagTrack - ok
20:51:40.0955 0x12f4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
20:51:41.0003 0x12f4  discache - ok
20:51:41.0076 0x12f4  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
20:51:41.0089 0x12f4  Disk - ok
20:51:41.0111 0x12f4  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:51:41.0138 0x12f4  Dnscache - ok
20:51:41.0194 0x12f4  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:51:41.0251 0x12f4  dot3svc - ok
20:51:41.0324 0x12f4  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
20:51:41.0379 0x12f4  DPS - ok
20:51:41.0444 0x12f4  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:51:41.0507 0x12f4  drmkaud - ok
20:51:41.0555 0x12f4  [ 651554E483712B708EDE864D0CA1AA73, A016C03D630A2FF7FC44B826DEA890F5AC09DD270588CEAD05F63A5A0AC79249 ] DrvAgent32      C:\Windows\system32\Drivers\DrvAgent32.sys
20:51:41.0560 0x12f4  DrvAgent32 - detected UnsignedFile.Multi.Generic ( 1 )
20:51:41.0600 0x12f4  Detect skipped due to KSN trusted
20:51:41.0600 0x12f4  DrvAgent32 - ok
20:51:41.0659 0x12f4  [ E6B7D1B24E16FB24CE1FEA964E144EBC, 30F81E0A017163A1AB463FE3A13B5CC2905B973E782AEBC1EB63759BF2470658 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:51:41.0677 0x12f4  dtsoftbus01 - ok
20:51:41.0744 0x12f4  [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:51:41.0775 0x12f4  DXGKrnl - ok
20:51:41.0839 0x12f4  [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
20:51:41.0897 0x12f4  e1express - ok
20:51:41.0957 0x12f4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
20:51:42.0013 0x12f4  EapHost - ok
20:51:42.0158 0x12f4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
20:51:42.0270 0x12f4  ebdrv - ok
20:51:42.0327 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] EFS             C:\Windows\System32\lsass.exe
20:51:42.0365 0x12f4  EFS - ok
20:51:42.0421 0x12f4  [ CE37E3D51912E59C80C6D84337C0B4CD, CE15CFFCF1D099DC6B9423746DDADCAE6BAFFCF037DD9F3FF154A8E69022A861 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
20:51:42.0434 0x12f4  ElbyCDFL - ok
20:51:42.0447 0x12f4  [ AAA8999A169E39FB8B48AE49CD6AC30A, 8137CE22D0D0FC5EA5B174D6AD3506A4949506477B1325DA2CCB76511F4C4F60 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
20:51:42.0459 0x12f4  ElbyCDIO - ok
20:51:42.0521 0x12f4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:51:42.0545 0x12f4  elxstor - ok
20:51:42.0576 0x12f4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:51:42.0616 0x12f4  ErrDev - ok
20:51:42.0659 0x12f4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
20:51:42.0692 0x12f4  EventSystem - ok
20:51:42.0707 0x12f4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:51:42.0760 0x12f4  exfat - ok
20:51:42.0789 0x12f4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:51:42.0844 0x12f4  fastfat - ok
20:51:42.0933 0x12f4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
20:51:42.0969 0x12f4  Fax - ok
20:51:43.0016 0x12f4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:51:43.0051 0x12f4  fdc - ok
20:51:43.0084 0x12f4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
20:51:43.0120 0x12f4  fdPHost - ok
20:51:43.0129 0x12f4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:51:43.0174 0x12f4  FDResPub - ok
20:51:43.0193 0x12f4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:51:43.0207 0x12f4  FileInfo - ok
20:51:43.0219 0x12f4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:51:43.0270 0x12f4  Filetrace - ok
20:51:43.0281 0x12f4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:51:43.0296 0x12f4  flpydisk - ok
20:51:43.0313 0x12f4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:51:43.0330 0x12f4  FltMgr - ok
20:51:43.0412 0x12f4  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
20:51:43.0478 0x12f4  FontCache - ok
20:51:43.0584 0x12f4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:51:43.0597 0x12f4  FontCache3.0.0.0 - ok
20:51:43.0647 0x12f4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:51:43.0661 0x12f4  FsDepends - ok
20:51:43.0689 0x12f4  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
20:51:43.0696 0x12f4  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
20:51:43.0758 0x12f4  Detect skipped due to KSN trusted
20:51:43.0758 0x12f4  FsUsbExDisk - ok
20:51:43.0777 0x12f4  [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
20:51:43.0788 0x12f4  FsUsbExService - detected UnsignedFile.Multi.Generic ( 1 )
20:51:43.0829 0x12f4  Detect skipped due to KSN trusted
20:51:43.0829 0x12f4  FsUsbExService - ok
20:51:43.0864 0x12f4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:51:43.0878 0x12f4  Fs_Rec - ok
20:51:43.0910 0x12f4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:51:43.0930 0x12f4  fvevol - ok
20:51:43.0985 0x12f4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:51:43.0999 0x12f4  gagp30kx - ok
20:51:44.0063 0x12f4  [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:51:44.0149 0x12f4  gpsvc - ok
20:51:44.0306 0x12f4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:51:44.0320 0x12f4  gupdate - ok
20:51:44.0347 0x12f4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:51:44.0361 0x12f4  gupdatem - ok
20:51:44.0384 0x12f4  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:51:44.0400 0x12f4  gusvc - ok
20:51:44.0456 0x12f4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:51:44.0516 0x12f4  hcw85cir - ok
20:51:44.0550 0x12f4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:51:44.0568 0x12f4  HDAudBus - ok
20:51:44.0580 0x12f4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:51:44.0614 0x12f4  HidBatt - ok
20:51:44.0643 0x12f4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:51:44.0660 0x12f4  HidBth - ok
20:51:44.0722 0x12f4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:51:44.0739 0x12f4  HidIr - ok
20:51:44.0793 0x12f4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
20:51:44.0857 0x12f4  hidserv - ok
20:51:44.0940 0x12f4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:51:44.0988 0x12f4  HidUsb - ok
20:51:45.0041 0x12f4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:51:45.0082 0x12f4  hkmsvc - ok
20:51:45.0128 0x12f4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:51:45.0150 0x12f4  HomeGroupListener - ok
20:51:45.0203 0x12f4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:51:45.0222 0x12f4  HomeGroupProvider - ok
20:51:45.0254 0x12f4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:51:45.0268 0x12f4  HpSAMD - ok
20:51:45.0331 0x12f4  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:51:45.0404 0x12f4  HTTP - ok
20:51:45.0453 0x12f4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:51:45.0466 0x12f4  hwpolicy - ok
20:51:45.0484 0x12f4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:51:45.0520 0x12f4  i8042prt - ok
20:51:45.0580 0x12f4  [ 9BCF5972C941B4B5CB60DED03CB9E300, 96D9410DA54DEC58A440F30F1FD426BDA959A9DF29882EA53EC4FE8F8DF315E9 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:51:45.0599 0x12f4  IAANTMON - ok
20:51:45.0655 0x12f4  [ 28AAE599496B4930B3F19026F2083BC4, 7C3531D645E5DA86C62C1CB9256450A19D27A454D89ECF5AE7AF9820B89553E8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:51:45.0671 0x12f4  iaStor - ok
20:51:45.0694 0x12f4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:51:45.0715 0x12f4  iaStorV - ok
20:51:45.0798 0x12f4  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:51:45.0834 0x12f4  idsvc - ok
20:51:45.0875 0x12f4  IEEtwCollectorService - ok
20:51:45.0928 0x12f4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:51:45.0941 0x12f4  iirsp - ok
20:51:46.0015 0x12f4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:51:46.0062 0x12f4  IKEEXT - ok
20:51:46.0211 0x12f4  [ 2790CC09422B6BEDAE9825AE289E9BB7, 2EE402EBA2915147C8950DEF8D047D98DF752A0B81358F2A09821CE0AB83073C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:51:46.0292 0x12f4  IntcAzAudAddService - ok
20:51:46.0345 0x12f4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:51:46.0361 0x12f4  intelide - ok
20:51:46.0416 0x12f4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:51:46.0451 0x12f4  intelppm - ok
20:51:46.0482 0x12f4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:51:46.0537 0x12f4  IPBusEnum - ok
20:51:46.0569 0x12f4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:51:46.0619 0x12f4  IpFilterDriver - ok
20:51:46.0663 0x12f4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:51:46.0694 0x12f4  iphlpsvc - ok
20:51:46.0716 0x12f4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:51:46.0748 0x12f4  IPMIDRV - ok
20:51:46.0800 0x12f4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:51:46.0828 0x12f4  IPNAT - ok
20:51:46.0850 0x12f4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:51:46.0913 0x12f4  IRENUM - ok
20:51:46.0939 0x12f4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:51:46.0952 0x12f4  isapnp - ok
20:51:47.0005 0x12f4  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:51:47.0023 0x12f4  iScsiPrt - ok
20:51:47.0054 0x12f4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:51:47.0067 0x12f4  kbdclass - ok
20:51:47.0086 0x12f4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:51:47.0099 0x12f4  kbdhid - ok
20:51:47.0110 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] KeyIso          C:\Windows\system32\lsass.exe
20:51:47.0125 0x12f4  KeyIso - ok
20:51:47.0154 0x12f4  [ B2071121098F35650C62DE7D9CB45E60, EFBAE176530535E6A03DCA4B9AA4BF93E3A7FC5E92E043AA79D05769A6A7E520 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:51:47.0168 0x12f4  KSecDD - ok
20:51:47.0195 0x12f4  [ AA4D0F9EFDE0178F90C0EF3E82A42DB1, 82C3D1C700D8547656EFBD5E62D0939542B956C83D44CD5FB7BE77B06A4B06FF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:51:47.0212 0x12f4  KSecPkg - ok
20:51:47.0278 0x12f4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:51:47.0324 0x12f4  KtmRm - ok
20:51:47.0378 0x12f4  [ 0C6E346CDE730CF1356DD69AD6E9BC42, 75FD3E138D18FD602E38E446AA8CD29E8D60A8B64C863E59DA5EC08B717F16CA ] L8042Kbd        C:\Windows\system32\DRIVERS\L8042Kbd.sys
20:51:47.0388 0x12f4  L8042Kbd - ok
20:51:47.0403 0x12f4  [ 8A5993705ADD14352C9A279FA8338334, D1EA18B82DED503B81214A797F4B074D62B73E0C19579B4A7122CE6FBD005C34 ] L8042mou        C:\Windows\system32\DRIVERS\L8042mou.Sys
20:51:47.0414 0x12f4  L8042mou - ok
20:51:47.0476 0x12f4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:51:47.0516 0x12f4  LanmanServer - ok
20:51:47.0537 0x12f4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:51:47.0565 0x12f4  LanmanWorkstation - ok
20:51:47.0680 0x12f4  [ 3AF6B73A3AD1FC37C5933441F66CEB91, F83C709C53DF482D123B2F6EEFE65FB1EBFED8C9F29C29C5500702076745C2DA ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
20:51:47.0703 0x12f4  LBTServ - ok
20:51:47.0762 0x12f4  [ 7F9C7B28CF1C859E1C42619EEA946DC8, 098082174C549D67B4B2259702018989A39A8641339EE7CB1E7651F9F508A4B9 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:51:47.0773 0x12f4  LHidFilt - ok
20:51:47.0802 0x12f4  [ 108333981C841EB0FF198AA5DFCF3D3B, 726B4BEA813F18668A0682D1D427F6E3676A2EA2501EB7E64199B65D23F45FC8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:51:47.0837 0x12f4  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
20:51:47.0878 0x12f4  Detect skipped due to KSN trusted
20:51:47.0878 0x12f4  LightScribeService - ok
20:51:47.0946 0x12f4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:51:47.0997 0x12f4  lltdio - ok
20:51:48.0047 0x12f4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:51:48.0104 0x12f4  lltdsvc - ok
20:51:48.0129 0x12f4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:51:48.0176 0x12f4  lmhosts - ok
20:51:48.0256 0x12f4  [ AB33792A87285344F43B5CE23421BAB0, 79E327764350A6F3F0E25F3295D0C70620EFD5252C0C765446210B67C62568FF ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:51:48.0266 0x12f4  LMouFilt - ok
20:51:48.0330 0x12f4  [ 9837E55673818ECD8FEBB47F7F77521A, 75DD22E1CB38BBE796EC6918D03E8106B05B977A53FACEB2AFEB8D4D222F383B ] LMouKE          C:\Windows\system32\DRIVERS\LMouKE.Sys
20:51:48.0341 0x12f4  LMouKE - ok
20:51:48.0365 0x12f4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:51:48.0380 0x12f4  LSI_FC - ok
20:51:48.0441 0x12f4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:51:48.0456 0x12f4  LSI_SAS - ok
20:51:48.0476 0x12f4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:51:48.0490 0x12f4  LSI_SAS2 - ok
20:51:48.0505 0x12f4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:51:48.0521 0x12f4  LSI_SCSI - ok
20:51:48.0530 0x12f4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:51:48.0581 0x12f4  luafv - ok
20:51:48.0632 0x12f4  [ 77030525CD86A93F1AF34FA9B96D33CE, 6EF46B127B0BD0C10E9FAB24EE3D53483124C97BD5BDD322C217BB9255715A0E ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
20:51:48.0643 0x12f4  LUsbFilt - ok
20:51:48.0719 0x12f4  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
20:51:48.0737 0x12f4  McComponentHostService - ok
20:51:48.0783 0x12f4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:51:48.0798 0x12f4  megasas - ok
20:51:48.0844 0x12f4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:51:48.0862 0x12f4  MegaSR - ok
20:51:48.0960 0x12f4  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:51:49.0004 0x12f4  Microsoft Office Groove Audit Service - ok
20:51:49.0039 0x12f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
20:51:49.0066 0x12f4  MMCSS - ok
20:51:49.0082 0x12f4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
20:51:49.0108 0x12f4  Modem - ok
20:51:49.0160 0x12f4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:51:49.0197 0x12f4  monitor - ok
20:51:49.0241 0x12f4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:51:49.0254 0x12f4  mouclass - ok
20:51:49.0267 0x12f4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:51:49.0280 0x12f4  mouhid - ok
20:51:49.0325 0x12f4  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:51:49.0340 0x12f4  mountmgr - ok
20:51:49.0355 0x12f4  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:51:49.0371 0x12f4  mpio - ok
20:51:49.0391 0x12f4  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:51:49.0416 0x12f4  mpsdrv - ok
20:51:49.0478 0x12f4  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:51:49.0538 0x12f4  MpsSvc - ok
20:51:49.0580 0x12f4  [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:51:49.0611 0x12f4  MRxDAV - ok
20:51:49.0658 0x12f4  [ 89CC31A9E81F840D914ABC2E3BD70F9C, 97E6C5A75E38AEFB31DEF14B154F83ED910D3F12F0C0CB2D044DF6315CA7E27B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:51:49.0698 0x12f4  mrxsmb - ok
20:51:49.0721 0x12f4  [ 36E6FFBBEC96725A33CEDE538258CCDA, 79BEA07C13B539EC3436ABDF1BDFA21A7A80529E5609DAAAD6A36E3546742A2A ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:51:49.0757 0x12f4  mrxsmb10 - ok
20:51:49.0778 0x12f4  [ 7974D617D78D78689BF3AA7D51EC6AD5, B5F4FDFF713665DE54B3161B15257845305266DC3397EB278E9150F577385576 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:51:49.0817 0x12f4  mrxsmb20 - ok
20:51:49.0851 0x12f4  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:51:49.0864 0x12f4  msahci - ok
20:51:49.0880 0x12f4  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:51:49.0895 0x12f4  msdsm - ok
20:51:49.0946 0x12f4  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
20:51:49.0990 0x12f4  MSDTC - ok
20:51:50.0031 0x12f4  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:51:50.0057 0x12f4  Msfs - ok
20:51:50.0070 0x12f4  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:51:50.0114 0x12f4  mshidkmdf - ok
20:51:50.0148 0x12f4  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:51:50.0161 0x12f4  msisadrv - ok
20:51:50.0219 0x12f4  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:51:50.0247 0x12f4  MSiSCSI - ok
20:51:50.0252 0x12f4  msiserver - ok
20:51:50.0275 0x12f4  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:51:50.0316 0x12f4  MSKSSRV - ok
20:51:50.0336 0x12f4  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:51:50.0361 0x12f4  MSPCLOCK - ok
20:51:50.0410 0x12f4  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:51:50.0435 0x12f4  MSPQM - ok
20:51:50.0449 0x12f4  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:51:50.0467 0x12f4  MsRPC - ok
20:51:50.0488 0x12f4  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:51:50.0501 0x12f4  mssmbios - ok
20:51:50.0512 0x12f4  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:51:50.0560 0x12f4  MSTEE - ok
20:51:50.0584 0x12f4  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:51:50.0613 0x12f4  MTConfig - ok
20:51:50.0634 0x12f4  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:51:50.0648 0x12f4  Mup - ok
20:51:50.0703 0x12f4  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
20:51:50.0737 0x12f4  napagent - ok
20:51:50.0801 0x12f4  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:51:50.0823 0x12f4  NativeWifiP - ok
20:51:50.0888 0x12f4  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:51:50.0920 0x12f4  NDIS - ok
20:51:50.0938 0x12f4  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:51:50.0964 0x12f4  NdisCap - ok
20:51:50.0982 0x12f4  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:51:51.0007 0x12f4  NdisTapi - ok
20:51:51.0057 0x12f4  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:51:51.0083 0x12f4  Ndisuio - ok
20:51:51.0136 0x12f4  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:51:51.0187 0x12f4  NdisWan - ok
20:51:51.0220 0x12f4  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:51:51.0246 0x12f4  NDProxy - ok
20:51:51.0295 0x12f4  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:51:51.0321 0x12f4  NetBIOS - ok
20:51:51.0375 0x12f4  [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:51:51.0440 0x12f4  NetBT - ok
20:51:51.0452 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] Netlogon        C:\Windows\system32\lsass.exe
20:51:51.0466 0x12f4  Netlogon - ok
20:51:51.0522 0x12f4  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
20:51:51.0581 0x12f4  Netman - ok
20:51:51.0652 0x12f4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:51.0670 0x12f4  NetMsmqActivator - ok
20:51:51.0676 0x12f4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:51.0693 0x12f4  NetPipeActivator - ok
20:51:51.0718 0x12f4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
20:51:51.0765 0x12f4  netprofm - ok
20:51:51.0833 0x12f4  [ 27EE4B406E2F26F6117A9A420BD4CB65, D4EB07F56A1D1F0DA2197AB80917036A057A543F837CE5B102EE4F4ACA4606A7 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
20:51:51.0865 0x12f4  netr28u - ok
20:51:51.0884 0x12f4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:51.0901 0x12f4  NetTcpActivator - ok
20:51:51.0907 0x12f4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:51.0924 0x12f4  NetTcpPortSharing - ok
20:51:51.0983 0x12f4  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:51:51.0997 0x12f4  nfrd960 - ok
20:51:52.0054 0x12f4  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:51:52.0078 0x12f4  NlaSvc - ok
20:51:52.0092 0x12f4  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:51:52.0143 0x12f4  Npfs - ok
20:51:52.0201 0x12f4  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
20:51:52.0227 0x12f4  nsi - ok
20:51:52.0237 0x12f4  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:51:52.0263 0x12f4  nsiproxy - ok
20:51:52.0364 0x12f4  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:51:52.0410 0x12f4  Ntfs - ok
20:51:52.0461 0x12f4  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
20:51:52.0514 0x12f4  Null - ok
20:51:52.0815 0x12f4  [ 484844C0D892B42ECC5E6B063D072A38, 9687991EE45F8993F1D03D8E2409F74E20C72421CEE26F517B40384A95EF7287 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:51:53.0188 0x12f4  nvlddmkm - ok
20:51:53.0245 0x12f4  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:51:53.0266 0x12f4  nvraid - ok
20:51:53.0303 0x12f4  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:51:53.0320 0x12f4  nvstor - ok
20:51:53.0376 0x12f4  [ 1A78B86DC0903134050A846FC7291FF9, C297CA17553185B349AE609B1192486ED8B41F2608F1FE14A78BCB2F81F7A1BF ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:51:53.0393 0x12f4  nvsvc - ok
20:51:53.0417 0x12f4  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:51:53.0433 0x12f4  nv_agp - ok
20:51:53.0502 0x12f4  [ 1DB56FB91B2F7E5A236CA41018C749B4, A990FDD2349E61411CFE7A858C8AE9F0B5781C0D2B43AB37D2306E66F7CA8DBD ] NWIM            C:\Windows\system32\DRIVERS\avmnwim.sys
20:51:53.0521 0x12f4  NWIM - ok
20:51:53.0569 0x12f4  [ FC09597B87DE886027DDB3E5235B12DE, 91D63F9A49C8C235E640DBB1083E9BC9138354F677FE42A42CAE29524231AFD3 ] nwtsrv          C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
20:51:53.0583 0x12f4  nwtsrv - ok
20:51:53.0737 0x12f4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:51:53.0759 0x12f4  odserv - ok
20:51:53.0793 0x12f4  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:51:53.0826 0x12f4  ohci1394 - ok
20:51:53.0893 0x12f4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:51:53.0906 0x12f4  ose - ok
20:51:53.0967 0x12f4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:51:54.0036 0x12f4  p2pimsvc - ok
20:51:54.0067 0x12f4  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:51:54.0091 0x12f4  p2psvc - ok
20:51:54.0136 0x12f4  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:51:54.0152 0x12f4  Parport - ok
20:51:54.0168 0x12f4  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:51:54.0182 0x12f4  partmgr - ok
20:51:54.0195 0x12f4  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:51:54.0209 0x12f4  Parvdm - ok
20:51:54.0260 0x12f4  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:51:54.0285 0x12f4  PcaSvc - ok
20:51:54.0330 0x12f4  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:51:54.0386 0x12f4  pccsmcfd - ok
20:51:54.0413 0x12f4  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
20:51:54.0430 0x12f4  pci - ok
20:51:54.0476 0x12f4  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:51:54.0489 0x12f4  pciide - ok
20:51:54.0541 0x12f4  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:51:54.0559 0x12f4  pcmcia - ok
20:51:54.0653 0x12f4  [ 7EB95AA73D657A2DA9D8CFC336F4F48F, 7FCDFC3CBAB60E14FC87117B3C8683EEBD3F4FB9E1487E8BEDC620C2DBB565C8 ] PCSUService     C:\Program Files\PC Beschleunigen\PCSUService.exe
20:51:54.0662 0x12f4  PCSUService - detected UnsignedFile.Multi.Generic ( 1 )
20:51:54.0701 0x12f4  Detect skipped due to KSN trusted
20:51:54.0702 0x12f4  PCSUService - ok
20:51:54.0710 0x12f4  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:51:54.0723 0x12f4  pcw - ok
20:51:54.0853 0x12f4  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files\PDF Architect\HelperService.exe
20:51:54.0899 0x12f4  PDF Architect Helper Service - ok
20:51:54.0955 0x12f4  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files\PDF Architect\ConversionService.exe
20:51:54.0985 0x12f4  PDF Architect Service - ok
20:51:55.0056 0x12f4  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:51:55.0086 0x12f4  PEAUTH - ok
20:51:55.0178 0x12f4  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
20:51:55.0244 0x12f4  pla - ok
20:51:55.0276 0x12f4  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:51:55.0354 0x12f4  PlugPlay - ok
20:51:55.0405 0x12f4  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:51:55.0428 0x12f4  PNRPAutoReg - ok
20:51:55.0450 0x12f4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:51:55.0470 0x12f4  PNRPsvc - ok
20:51:55.0533 0x12f4  [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:51:55.0570 0x12f4  PolicyAgent - ok
20:51:55.0630 0x12f4  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
20:51:55.0659 0x12f4  Power - ok
20:51:55.0715 0x12f4  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:51:55.0744 0x12f4  PptpMiniport - ok
20:51:55.0766 0x12f4  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:51:55.0800 0x12f4  Processor - ok
20:51:55.0844 0x12f4  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:51:55.0896 0x12f4  ProfSvc - ok
20:51:55.0918 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:51:55.0932 0x12f4  ProtectedStorage - ok
20:51:55.0952 0x12f4  [ F115AF58ABE5605D7D709CBFBD83F418, 4855FCD6E455D6E374CE92E5B37D61E7E6D8A861BA76521E7CC2542621853471 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
20:51:55.0967 0x12f4  ProtexisLicensing - ok
20:51:55.0993 0x12f4  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:51:56.0022 0x12f4  Psched - ok
20:51:56.0122 0x12f4  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:51:56.0171 0x12f4  ql2300 - ok
20:51:56.0195 0x12f4  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:51:56.0210 0x12f4  ql40xx - ok
20:51:56.0266 0x12f4  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
20:51:56.0290 0x12f4  QWAVE - ok
20:51:56.0303 0x12f4  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:51:56.0342 0x12f4  QWAVEdrv - ok
20:51:56.0369 0x12f4  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:51:56.0395 0x12f4  RasAcd - ok
20:51:56.0447 0x12f4  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:51:56.0495 0x12f4  RasAgileVpn - ok
20:51:56.0524 0x12f4  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:51:56.0554 0x12f4  RasAuto - ok
20:51:56.0575 0x12f4  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:51:56.0622 0x12f4  Rasl2tp - ok
20:51:56.0670 0x12f4  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
20:51:56.0703 0x12f4  RasMan - ok
20:51:56.0717 0x12f4  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:51:56.0759 0x12f4  RasPppoe - ok
20:51:56.0806 0x12f4  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:51:56.0849 0x12f4  RasSstp - ok
20:51:56.0894 0x12f4  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:51:56.0940 0x12f4  rdbss - ok
20:51:56.0959 0x12f4  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:51:56.0993 0x12f4  rdpbus - ok
20:51:57.0036 0x12f4  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:51:57.0082 0x12f4  RDPCDD - ok
20:51:57.0112 0x12f4  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:51:57.0137 0x12f4  RDPENCDD - ok
20:51:57.0188 0x12f4  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:51:57.0213 0x12f4  RDPREFMP - ok
20:51:57.0312 0x12f4  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:51:57.0343 0x12f4  RdpVideoMiniport - ok
20:51:57.0393 0x12f4  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:51:57.0472 0x12f4  RDPWD - ok
20:51:57.0537 0x12f4  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:51:57.0554 0x12f4  rdyboost - ok
20:51:57.0607 0x12f4  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:51:57.0634 0x12f4  RemoteAccess - ok
20:51:57.0695 0x12f4  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:51:57.0744 0x12f4  RemoteRegistry - ok
20:51:57.0798 0x12f4  [ 7CCAEBCAB6FC1ED0206C07E083E79207, 40BFA1BEDFF093652279494EDD397FC094794B76916C2681D0544D6793314DFE ] RichVideo       C:\Program Files\Cyberlink\Shared files\RichVideo.exe
20:51:57.0814 0x12f4  RichVideo - ok
20:51:57.0897 0x12f4  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
20:51:57.0910 0x12f4  rpcapd - ok
20:51:57.0932 0x12f4  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:51:57.0960 0x12f4  RpcEptMapper - ok
20:51:58.0015 0x12f4  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
20:51:58.0054 0x12f4  RpcLocator - ok
20:51:58.0098 0x12f4  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs           C:\Windows\system32\rpcss.dll
20:51:58.0121 0x12f4  RpcSs - ok
20:51:58.0182 0x12f4  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:51:58.0230 0x12f4  rspndr - ok
20:51:58.0327 0x12f4  [ CCDDFF7573F8D12831F98435108F03F1, 2FE0A286BC8F331C34775EE886980975DEBA39195C1186190D8E520A389DA040 ] rtop            C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
20:51:58.0345 0x12f4  rtop - ok
20:51:58.0361 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] SamSs           C:\Windows\system32\lsass.exe
20:51:58.0375 0x12f4  SamSs - ok
20:51:58.0401 0x12f4  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:51:58.0415 0x12f4  sbp2port - ok
20:51:58.0466 0x12f4  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:51:58.0507 0x12f4  SCardSvr - ok
20:51:58.0555 0x12f4  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:51:58.0580 0x12f4  scfilter - ok
20:51:58.0665 0x12f4  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
20:51:58.0705 0x12f4  Schedule - ok
20:51:58.0756 0x12f4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:51:58.0784 0x12f4  SCPolicySvc - ok
20:51:58.0832 0x12f4  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:51:58.0859 0x12f4  SDRSVC - ok
20:51:58.0914 0x12f4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:51:58.0928 0x12f4  secdrv - ok
20:51:58.0974 0x12f4  [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon        C:\Windows\system32\seclogon.dll
20:51:59.0011 0x12f4  seclogon - ok
20:51:59.0043 0x12f4  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
20:51:59.0073 0x12f4  SENS - ok
20:51:59.0144 0x12f4  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:51:59.0202 0x12f4  SensrSvc - ok
20:51:59.0222 0x12f4  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:51:59.0261 0x12f4  Serenum - ok
20:51:59.0300 0x12f4  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:51:59.0316 0x12f4  Serial - ok
20:51:59.0331 0x12f4  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:51:59.0357 0x12f4  sermouse - ok
20:51:59.0426 0x12f4  [ 12B41D84A4D058ADC60853C365DBFCCA, E53454E065F505DCF55D45AEFCC2F9EC45F2ED71BE64CC7F224E9736578B1AD4 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:51:59.0468 0x12f4  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
20:51:59.0515 0x12f4  Detect skipped due to KSN trusted
20:51:59.0515 0x12f4  ServiceLayer - ok
20:51:59.0565 0x12f4  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:51:59.0606 0x12f4  SessionEnv - ok
20:51:59.0641 0x12f4  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:51:59.0683 0x12f4  sffdisk - ok
20:51:59.0706 0x12f4  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:51:59.0727 0x12f4  sffp_mmc - ok
20:51:59.0743 0x12f4  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:51:59.0788 0x12f4  sffp_sd - ok
20:51:59.0821 0x12f4  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:51:59.0870 0x12f4  sfloppy - ok
20:51:59.0970 0x12f4  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:52:00.0030 0x12f4  SharedAccess - ok
20:52:00.0062 0x12f4  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:52:00.0097 0x12f4  ShellHWDetection - ok
20:52:00.0109 0x12f4  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:52:00.0127 0x12f4  sisagp - ok
20:52:00.0187 0x12f4  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:52:00.0201 0x12f4  SiSRaid2 - ok
20:52:00.0233 0x12f4  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:52:00.0248 0x12f4  SiSRaid4 - ok
20:52:00.0391 0x12f4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:52:00.0414 0x12f4  SkypeUpdate - ok
20:52:00.0448 0x12f4  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:52:00.0477 0x12f4  Smb - ok
20:52:00.0547 0x12f4  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:52:00.0588 0x12f4  SNMPTRAP - ok
20:52:00.0628 0x12f4  [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
20:52:00.0646 0x12f4  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:52:00.0687 0x12f4  Detect skipped due to KSN trusted
20:52:00.0687 0x12f4  SolidWorks Licensing Service - ok
20:52:00.0730 0x12f4  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:52:00.0744 0x12f4  spldr - ok
20:52:00.0763 0x12f4  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
20:52:00.0831 0x12f4  Spooler - ok
20:52:00.0972 0x12f4  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
20:52:01.0106 0x12f4  sppsvc - ok
20:52:01.0148 0x12f4  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:52:01.0201 0x12f4  sppuinotify - ok
20:52:01.0252 0x12f4  [ D15DA1BA189770D93EEA2D7E18F95AF9, 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E ] sptd            C:\Windows\system32\Drivers\sptd.sys
20:52:01.0282 0x12f4  sptd - ok
20:52:01.0343 0x12f4  [ 96F6EC5161B177272900847C2AC9808B, 8D4EEB7B28ADDC76E20EEAA6D5FCC217E08563D282B4CAFBDCEC1F9781D7B6BA ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:52:01.0364 0x12f4  srv - ok
20:52:01.0378 0x12f4  [ B6498636ECD025E9B334199347FAB2A1, C564074D74E5ABC7ACB128F9F24352D1A3A385B8AF34897056ECE79637D21AFC ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:52:01.0399 0x12f4  srv2 - ok
20:52:01.0412 0x12f4  [ FA3853686F5287E5DB8F5199E13CF27C, D162E5E2F89242708DFB7DE98E8E0109712B692A7029ED56427A6C8C0C6D478F ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:52:01.0462 0x12f4  srvnet - ok
20:52:01.0531 0x12f4  [ BB6EDB0257860083193CC1581AC7D485, DE2A6AA57C48D4FACF155C2FD876D5F3238A9107F8313FB3D0BF7CE34B0ED559 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
20:52:01.0546 0x12f4  ssadbus - ok
20:52:01.0603 0x12f4  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:52:01.0634 0x12f4  SSDPSRV - ok
20:52:01.0647 0x12f4  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:52:01.0675 0x12f4  SstpSvc - ok
20:52:01.0711 0x12f4  [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:52:01.0727 0x12f4  ssudmdm - ok
20:52:01.0783 0x12f4  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
20:52:01.0797 0x12f4  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
20:52:01.0853 0x12f4  Detect skipped due to KSN trusted
20:52:01.0853 0x12f4  StarOpen - ok
20:52:01.0908 0x12f4  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:52:01.0921 0x12f4  stexstor - ok
20:52:01.0977 0x12f4  [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam        C:\Windows\system32\drivers\serscan.sys
20:52:02.0032 0x12f4  StillCam - ok
20:52:02.0106 0x12f4  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:52:02.0138 0x12f4  StiSvc - ok
20:52:02.0152 0x12f4  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:52:02.0165 0x12f4  swenum - ok
20:52:02.0220 0x12f4  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
20:52:02.0275 0x12f4  swprv - ok
20:52:02.0340 0x12f4  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
20:52:02.0393 0x12f4  SysMain - ok
20:52:02.0447 0x12f4  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
20:52:02.0490 0x12f4  TabletInputService - ok
20:52:02.0524 0x12f4  [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
20:52:02.0539 0x12f4  tap0901 - ok
20:52:02.0602 0x12f4  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:52:02.0634 0x12f4  TapiSrv - ok
20:52:02.0731 0x12f4  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:52:02.0778 0x12f4  Tcpip - ok
20:52:02.0816 0x12f4  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:52:02.0857 0x12f4  TCPIP6 - ok
20:52:02.0881 0x12f4  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:52:02.0921 0x12f4  tcpipreg - ok
20:52:02.0960 0x12f4  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:52:02.0983 0x12f4  TDPIPE - ok
20:52:02.0994 0x12f4  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:52:03.0008 0x12f4  TDTCP - ok
20:52:03.0060 0x12f4  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:52:03.0075 0x12f4  tdx - ok
20:52:03.0318 0x12f4  [ DF4A7E1E2BA788E28747F1EF49692ED6, 3417C0C713AB086E31CA20D6DCE923FF224093CFF2BAA6F29DCCBD2BEE5EEED6 ] TeamViewer9     C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
20:52:03.0467 0x12f4  TeamViewer9 - ok
20:52:03.0501 0x12f4  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:52:03.0515 0x12f4  TermDD - ok
20:52:03.0572 0x12f4  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
20:52:03.0609 0x12f4  TermService - ok
20:52:03.0661 0x12f4  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
20:52:03.0701 0x12f4  Themes - ok
20:52:03.0706 0x12f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:52:03.0735 0x12f4  THREADORDER - ok
20:52:03.0752 0x12f4  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
20:52:03.0804 0x12f4  TrkWks - ok
20:52:03.0838 0x12f4  [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
20:52:03.0857 0x12f4  truecrypt - ok
20:52:03.0954 0x12f4  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:52:03.0984 0x12f4  TrustedInstaller - ok
20:52:04.0034 0x12f4  [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:52:04.0061 0x12f4  tssecsrv - ok
20:52:04.0114 0x12f4  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:52:04.0153 0x12f4  TsUsbFlt - ok
20:52:04.0214 0x12f4  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:52:04.0241 0x12f4  tunnel - ok
20:52:04.0290 0x12f4  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:52:04.0304 0x12f4  uagp35 - ok
20:52:04.0323 0x12f4  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:52:04.0356 0x12f4  udfs - ok
20:52:04.0411 0x12f4  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:52:04.0428 0x12f4  UI0Detect - ok
20:52:04.0451 0x12f4  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:52:04.0465 0x12f4  uliagpkx - ok
20:52:04.0498 0x12f4  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
20:52:04.0515 0x12f4  umbus - ok
20:52:04.0567 0x12f4  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:52:04.0603 0x12f4  UmPass - ok
20:52:04.0632 0x12f4  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
20:52:04.0688 0x12f4  upnphost - ok
20:52:04.0729 0x12f4  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:52:04.0750 0x12f4  usbccgp - ok
20:52:04.0807 0x12f4  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:52:04.0850 0x12f4  usbcir - ok
20:52:04.0903 0x12f4  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:52:04.0917 0x12f4  usbehci - ok
20:52:04.0937 0x12f4  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:52:04.0978 0x12f4  usbhub - ok
20:52:05.0007 0x12f4  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:52:05.0020 0x12f4  usbohci - ok
20:52:05.0078 0x12f4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:52:05.0095 0x12f4  usbprint - ok
20:52:05.0142 0x12f4  [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:52:05.0168 0x12f4  USBSTOR - ok
20:52:05.0194 0x12f4  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:52:05.0220 0x12f4  usbuhci - ok
20:52:05.0257 0x12f4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
20:52:05.0306 0x12f4  UxSms - ok
20:52:05.0335 0x12f4  [ ADB8D10E0B612651B6674B1472F84F21, BA6E5804369B4BD4A3C9DC01A8274FB858A3DBBE24D6081DC0EBAF736B4A1F84 ] VaultSvc        C:\Windows\system32\lsass.exe
20:52:05.0349 0x12f4  VaultSvc - ok
20:52:05.0364 0x12f4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:52:05.0378 0x12f4  vdrvroot - ok
20:52:05.0438 0x12f4  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
20:52:05.0476 0x12f4  vds - ok
20:52:05.0531 0x12f4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:52:05.0556 0x12f4  vga - ok
20:52:05.0570 0x12f4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:52:05.0596 0x12f4  VgaSave - ok
20:52:05.0620 0x12f4  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:52:05.0637 0x12f4  vhdmp - ok
20:52:05.0664 0x12f4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:52:05.0679 0x12f4  viaagp - ok
20:52:05.0695 0x12f4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
20:52:05.0711 0x12f4  ViaC7 - ok
20:52:05.0763 0x12f4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:52:05.0776 0x12f4  viaide - ok
20:52:05.0790 0x12f4  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:52:05.0804 0x12f4  volmgr - ok
20:52:05.0854 0x12f4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:52:05.0874 0x12f4  volmgrx - ok
20:52:05.0894 0x12f4  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:52:05.0913 0x12f4  volsnap - ok
20:52:05.0938 0x12f4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:52:05.0955 0x12f4  vsmraid - ok
20:52:06.0025 0x12f4  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
20:52:06.0079 0x12f4  VSS - ok
20:52:06.0208 0x12f4  [ 42E5B5428401F7CB56A5D585DCE46982, 1A2A24D32E1B1408071408BA9ADCE9A84A4E92C7B81469FCF9DC65EB8F0AFF89 ] vToolbarUpdater18.1.9 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
20:52:06.0267 0x12f4  vToolbarUpdater18.1.9 - ok
20:52:06.0284 0x12f4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:52:06.0319 0x12f4  vwifibus - ok
20:52:06.0360 0x12f4  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:52:06.0397 0x12f4  vwififlt - ok
20:52:06.0423 0x12f4  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:52:06.0468 0x12f4  vwifimp - ok
20:52:06.0518 0x12f4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
20:52:06.0556 0x12f4  W32Time - ok
20:52:06.0571 0x12f4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:52:06.0595 0x12f4  WacomPen - ok
20:52:06.0652 0x12f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:52:06.0679 0x12f4  WANARP - ok
20:52:06.0685 0x12f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:52:06.0712 0x12f4  Wanarpv6 - ok
20:52:06.0773 0x12f4  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:52:06.0832 0x12f4  WatAdminSvc - ok
20:52:06.0915 0x12f4  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
20:52:06.0974 0x12f4  wbengine - ok
20:52:07.0033 0x12f4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:52:07.0062 0x12f4  WbioSrvc - ok
20:52:07.0117 0x12f4  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:52:07.0144 0x12f4  wcncsvc - ok
20:52:07.0158 0x12f4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:52:07.0198 0x12f4  WcsPlugInService - ok
20:52:07.0244 0x12f4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:52:07.0260 0x12f4  Wd - ok
20:52:07.0334 0x12f4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:52:07.0365 0x12f4  Wdf01000 - ok
20:52:07.0423 0x12f4  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:52:07.0458 0x12f4  WdiServiceHost - ok
20:52:07.0465 0x12f4  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:52:07.0482 0x12f4  WdiSystemHost - ok
20:52:07.0528 0x12f4  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
20:52:07.0558 0x12f4  WebClient - ok
20:52:07.0611 0x12f4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:52:07.0667 0x12f4  Wecsvc - ok
20:52:07.0697 0x12f4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:52:07.0729 0x12f4  wercplsupport - ok
20:52:07.0786 0x12f4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
20:52:07.0837 0x12f4  WerSvc - ok
20:52:07.0906 0x12f4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:52:07.0935 0x12f4  WfpLwf - ok
20:52:07.0947 0x12f4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:52:07.0960 0x12f4  WIMMount - ok
20:52:08.0044 0x12f4  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:52:08.0088 0x12f4  WinDefend - ok
20:52:08.0097 0x12f4  WinHttpAutoProxySvc - ok
20:52:08.0195 0x12f4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:52:08.0248 0x12f4  Winmgmt - ok
20:52:08.0326 0x12f4  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:52:08.0421 0x12f4  WinRM - ok
20:52:08.0467 0x12f4  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:52:08.0484 0x12f4  WinUsb - ok
20:52:08.0551 0x12f4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:52:08.0614 0x12f4  Wlansvc - ok
20:52:08.0647 0x12f4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:52:08.0663 0x12f4  WmiAcpi - ok
20:52:08.0726 0x12f4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:52:08.0745 0x12f4  wmiApSrv - ok
20:52:08.0862 0x12f4  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:52:08.0913 0x12f4  WMPNetworkSvc - ok
20:52:08.0959 0x12f4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:52:08.0983 0x12f4  WPCSvc - ok
20:52:09.0027 0x12f4  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:52:09.0053 0x12f4  WPDBusEnum - ok
20:52:09.0194 0x12f4  WPFFontCache_v0400 - ok
20:52:09.0219 0x12f4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:52:09.0246 0x12f4  ws2ifsl - ok
20:52:09.0277 0x12f4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:52:09.0303 0x12f4  wscsvc - ok
20:52:09.0308 0x12f4  WSearch - ok
20:52:09.0422 0x12f4  [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:52:09.0545 0x12f4  wuauserv - ok
20:52:09.0579 0x12f4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:52:09.0641 0x12f4  WudfPf - ok
20:52:09.0654 0x12f4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:52:09.0677 0x12f4  WUDFRd - ok
20:52:09.0707 0x12f4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:52:09.0743 0x12f4  wudfsvc - ok
20:52:09.0793 0x12f4  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:52:09.0852 0x12f4  WwanSvc - ok
20:52:09.0986 0x12f4  [ 556B5CFE8D21B256ADD7F87D7F4B4123, 7D3CC5C0DAC1CC418E9692CCCBBBC61AB0124E0280DA366B2A7F207F61CE9BAD ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files\HomeCinema\PowerDVD9\000.fcl
20:52:10.0005 0x12f4  {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
20:52:10.0020 0x12f4  ================ Scan global ===============================
20:52:10.0072 0x12f4  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
20:52:10.0124 0x12f4  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
20:52:10.0137 0x12f4  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
20:52:10.0187 0x12f4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:52:10.0249 0x12f4  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
20:52:10.0257 0x12f4  [ Global ] - ok
20:52:10.0257 0x12f4  ================ Scan MBR ==================================
20:52:10.0265 0x12f4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:52:10.0564 0x12f4  \Device\Harddisk0\DR0 - ok
20:52:10.0565 0x12f4  ================ Scan VBR ==================================
20:52:10.0599 0x12f4  [ E70E158CD5C3F14B8CFF10C6A9D2A44D ] \Device\Harddisk0\DR0\Partition1
20:52:10.0601 0x12f4  \Device\Harddisk0\DR0\Partition1 - ok
20:52:10.0605 0x12f4  [ 4ECE8F6A945C12D80631AFF98A6538AB ] \Device\Harddisk0\DR0\Partition2
20:52:10.0606 0x12f4  \Device\Harddisk0\DR0\Partition2 - ok
20:52:10.0607 0x12f4  ================ Scan generic autorun ======================
20:52:10.0845 0x12f4  [ 60B99580EDAB4D1A82B248AC5FD46C11, 6D9DEC97AD3B3824CB12056D4DC2004199B8E7A32A32D472C5A320AA9EF1D1D9 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
20:52:11.0051 0x12f4  RtHDVCpl - ok
20:52:11.0123 0x12f4  [ B8CB1F71298716F466D8784BF1B7494A, 074683D1BC8E2F74BEBC5B48A62EFD80325B324EF2522BF7EDF3D06781023ED2 ] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
20:52:11.0181 0x12f4  Skytel - ok
20:52:11.0188 0x12f4  NvCplDaemon - ok
20:52:11.0191 0x12f4  NvMediaCenter - ok
20:52:11.0280 0x12f4  [ 99EC85193F298938639841341323C8A8, 92762D4220726C379D423E75B0084F6DF5A0B42F54835611AC607DD0BE41F7CF ] C:\Program Files\AVG\Av\avuirunnerx.exe
20:52:11.0295 0x12f4  AVG_UI - ok
20:52:11.0481 0x12f4  [ EA1824C3F9A527D43F9BFDA7AD9A6513, 90EB8F7B8C39569D3478DCA83F1F63DDCB756E9D525D38E710B7B50797FC7002 ] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
20:52:11.0579 0x12f4  Babylon Client - ok
20:52:11.0650 0x12f4  [ BFE408D1FB5B8531E1A3FA189E18F931, B2E08C3242F8A99137939A3DCCE6091AEAD76DE0E09068AE4EDCBB382FAF50DE ] C:\Program Files\Cyberlink\Shared Files\brs.exe
20:52:11.0661 0x12f4  BDRegion - ok
20:52:11.0855 0x12f4  [ 22E458A5DC55A961DC22AC8824E8E6B7, 9704A83748D95085C227FBFDA1182E9F53C11252A95E9AB551236A3D57C8EFE3 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
20:52:11.0921 0x12f4  CanonMyPrinter - ok
20:52:11.0995 0x12f4  [ B9CCBA39317F2CE2AE9EC5E94271AD23, C497D5EC8F3DED41AF1FC93CE48D237C54F4C4286E7B633C3ADC2F7D524E8ED8 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
20:52:12.0022 0x12f4  CanonSolutionMenu - ok
20:52:12.0086 0x12f4  [ 74EF10CD035DE51171C98E60E53AE221, C9D17D492469D0B6A485350E53590813E70469FCA68D5DC3E50FA26A368A05DC ] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
20:52:12.0098 0x12f4  CLMLServer - ok
20:52:12.0197 0x12f4  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
20:52:12.0234 0x12f4  GrooveMonitor - ok
20:52:12.0321 0x12f4  [ DEFA4CE02AFF4C3BEFD4B764C73A7362, 719099A4BC6FD87D69EA873792CE67DFB3CC04D3DA8A387D4483FEB1D5086990 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
20:52:12.0335 0x12f4  IAAnotif - ok
20:52:12.0433 0x12f4  [ CA3BC92AF8FCDB85C06AFB5E70D29BFA, E7FC1E740001A4ACE8F652A74F7F85514D4F352D39F4D0043F914F074A2F55BC ] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
20:52:12.0447 0x12f4  IJNetworkScanUtility - ok
20:52:12.0447 0x12f4  SearchSettings - ok
20:52:12.0546 0x12f4  [ 64A87C2EFBAF1E03500C73E43E6B505A, 6A86A4EE206B9EBDE58C72258855C3449E84C782DCE3A3014FA0BA1810116044 ] C:\Program Files\Winamp\winampa.exe
20:52:12.0562 0x12f4  WinampAgent - detected UnsignedFile.Multi.Generic ( 1 )
20:52:12.0603 0x12f4  Detect skipped due to KSN trusted
20:52:12.0603 0x12f4  WinampAgent - ok
20:52:12.0713 0x12f4  [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe
20:52:12.0744 0x12f4  Windows Mobile Device Center - ok
20:52:12.0852 0x12f4  [ 4E95B1FDDC9E51678BFA2A723EAA94EF, B52F87C61486E9E1321048C50982A85A693CC08E2B1584B497CA9D0D2428BBE8 ] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
20:52:12.0872 0x12f4  AgentMonitor - ok
20:52:12.0971 0x12f4  [ D7779335B0EBC0A7B9C7D0E1105EA078, 4AA5A4B30BBEEA1B0DEC9BC33E9B07D0924F2C692E16B5CD6318E0451A937F9C ] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
20:52:12.0977 0x12f4  CloneCDTray - detected UnsignedFile.Multi.Generic ( 1 )
20:52:13.0019 0x12f4  Detect skipped due to KSN trusted
20:52:13.0019 0x12f4  CloneCDTray - ok
20:52:13.0189 0x12f4  [ E0A06707C91A18859AEBDD4FCEA734F7, BB0CF2847C8BCF696830BF5157A4AE7AB9AC4CC0978E64955F674BD10B556879 ] C:\Program Files\AVG Secure Search\vprot.exe
20:52:13.0285 0x12f4  vProt - ok
20:52:13.0353 0x12f4  [ E42A642E162B0468B2C4E9D803079C7F, BD5922F06FE7BAF23AD04FF8850E773CCDEFEA9469517DEB1B9954F8A7EE51E5 ] C:\Windows\KHALMNPR.EXE
20:52:13.0385 0x12f4  Kernel and Hardware Abstraction Layer - ok
20:52:13.0440 0x12f4  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:52:13.0457 0x12f4  APSDaemon - ok
20:52:13.0566 0x12f4  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
20:52:13.0601 0x12f4  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:52:13.0655 0x12f4  Detect skipped due to KSN trusted
20:52:13.0655 0x12f4  QuickTime Task - ok
20:52:13.0746 0x12f4  [ DEB8AF374FE115169AEBB55E9D3ADCEB, FC1FC117409BC4136FCFE8C7D676334998CECD06697FEA09978AF1CAD990FF55 ] C:\Program Files\AVG\Framework\Common\avguirnx.exe
20:52:13.0765 0x12f4  AvgUi - ok
20:52:13.0891 0x12f4  [ 81842625465D708AFAF95DBCB2833B67, A4D69205D34DA7C83C47BFA7C959F2703B44A5D4F16C8093B4CF5AAA1CBECC54 ] C:\Program Files\KeePass Password Safe 2\KeePass.exe
20:52:13.0985 0x12f4  KeePass 2 PreLoad - ok
20:52:14.0104 0x12f4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:52:14.0218 0x12f4  Sidebar - ok
20:52:14.0279 0x12f4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:52:14.0301 0x12f4  mctadmin - ok
20:52:14.0332 0x12f4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:52:14.0371 0x12f4  Sidebar - ok
20:52:14.0379 0x12f4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:52:14.0397 0x12f4  mctadmin - ok
20:52:14.0551 0x12f4  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
20:52:14.0666 0x12f4  DAEMON Tools Lite - ok
20:52:14.0758 0x12f4  ehTray.exe - ok
20:52:14.0869 0x12f4  [ 760ACD103FFB86AD65DC41CDEB08ABCF, 518DBEA24FB54D54BD17E0940ADD49134525D161A62C2E9D71FD876CE3E97D7B ] C:\Program Files\Samsung\Kies\KiesAirMessage.exe
20:52:14.0890 0x12f4  KiesAirMessage - detected UnsignedFile.Multi.Generic ( 1 )
20:52:14.0941 0x12f4  Detect skipped due to KSN trusted
20:52:14.0941 0x12f4  KiesAirMessage - ok
20:52:14.0965 0x12f4  [ A0251ED3ABBA7ACC84416738C8282ACA, 67240ED2BD24D557003AD7062E314F6CDC63BA95EB99A38AB7606432605DDE84 ] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
20:52:14.0984 0x12f4  KiesTrayAgent - ok
20:52:15.0037 0x12f4  [ F5ED26AB8BDD951BFAC8BBD0D68BA3E9, 418A80F9213A6E830777DE6E8A0F5E5B4BE5B36F4767B056827682EC7F3C8BBF ] C:\Program Files\Samsung\Kies\Kies.exe
20:52:15.0089 0x12f4  KiesPreload - ok
20:52:15.0359 0x12f4  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
20:52:15.0374 0x12f4  Dropbox Update - ok
20:52:15.0375 0x12f4  Waiting for KSN requests completion. In queue: 122
20:52:16.0416 0x12f4  AV detected via SS2: AVG AntiVirus Free Edition, C:\Program Files\AVG\Av\avgwsc.exe ( 16.101.0.7752 ), 0x41000 ( enabled : updated )
20:52:16.0423 0x12f4  Win FW state via NFP2: enabled ( trusted )
20:52:16.0523 0x12f4  ============================================================
20:52:16.0523 0x12f4  Scan finished
20:52:16.0523 0x12f4  ============================================================
20:52:16.0534 0x0a34  Detected object count: 0
20:52:16.0534 0x0a34  Actual detected object count: 0
         
__________________

Alt 12.08.2016, 12:09   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.08.2016, 22:01   #5
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.08.15.08
  rootkit: v2016.08.09.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18376
Ck :: CK-PC [administrator]

15.08.2016 21:29:12
mbar-log-2016-08-15 (21-29-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 307928
Time elapsed: 55 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Hallo,

mhhh leider keinen treffer... Gibt es weitere Programme für den scan ?
DANKE für die Hilfe....


Alt 16.08.2016, 07:50   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Was habt ihr alle nur mit "leider"

Du solltest froh sein, dass dein Rechner nicht mit rootkits befallen ist


Die Telekom kann viel behaupten, aber nur weil die das tut heißt das nicht, dass diese Behauptung auch immer zutreffend ist.


Bitte AVG deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
--> IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com

Alt 17.08.2016, 19:58   #7
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Hallo cosinus,

DANKE erst einmal für Deine Hilfe.
Ja mit dem "leider" ist so ne Sache.... Ist aber schon OK denke Du weißt wie es gemeint ist.

So AVG is runter... Ich habe ja auch noch andere pc am laufen... und dann noch die Android Smartphones und Tablets. Laut Telekom kommt das alles in frage.

Vielen DAnk noch einmal für die weitere Hilfe

Alt 17.08.2016, 20:03   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.08.2016, 21:34   #9
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Code:
ATTFilter
# AdwCleaner v6.000 - Bericht erstellt am 17/08/2016 um 22:02:23
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-17.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X86)
# Benutzername : Ck - CK-PC
# Gestartet von : C:\Users\Ck\Desktop\AdwCleaner_6.000.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

[-] Dienst gelöscht: pcsuservice
[-] Dienst gelöscht: rtop
[!] Dienst nicht gelöscht: PCSUService
[-] Dienst gelöscht: DrvAgent32


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\Avg_Update_0116av
[-] Ordner gelöscht: C:\ProgramData\Avg_Update_0316av
[-] Ordner gelöscht: C:\ProgramData\Avg_Update_1215av
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Babylon
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\DownloadManager
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\eSupport.com
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\OpenCandy
[-] Ordner gelöscht: C:\Users\Ck\AppData\LocalLow\Search Settings
[-] Ordner gelöscht: C:\Users\Ck\AppData\LocalLow\Softonic
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\BabSolution
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\OpenCandy
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\QuickStoresToolbar
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\StPrsSW
[-] Ordner gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht: C:\ProgramData\Babylon
[-] Ordner gelöscht: C:\ProgramData\ByteFence
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Babylon
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ByteFence
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\Program Files\Babylon
[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\Program Files\myfree codec
[-] Ordner gelöscht: C:\Program Files\Softonic
[-] Ordner gelöscht: C:\Program Files\Wajam
[-] Ordner gelöscht: C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Temp\OCS
[-] Ordner gelöscht: C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[-] Ordner gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
[#] Ordner mit Neustart gelöscht: C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
[#] Ordner mit Neustart gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Ordner gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Internet Explorer\QuiCk Launch\Babylon.lnk
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Windows\system32\drivers\DrvAgent32.sys
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}.xpi
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\Conduit.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\searchgol.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\softonic.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\yahoo! powered.xml
[#] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Datei gelöscht: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elchiiiejkobdbblfejjkbphbddgmljf_0.localstorage
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elchiiiejkobdbblfejjkbphbddgmljf_0.localstorage-journal
[-] Datei gelöscht: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: ByteFence


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\.bgl
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\.bof
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyDict
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyGloss
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BabyOptFile
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.Registry
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.Registry.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.PugiObj
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Search.PugiObj.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.dskBnd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SoftonicApp.appCore
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{63EDCDD3-8AFC-4358-A90F-F7FB8F5C64FF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AVG Secure Search
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\APN PIP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\BABSOLUTION
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Babylon
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Search Settings
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Speedchecker Limited
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\WaIntEnhance
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Wajam
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\WajIEnhance
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Softonic
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AVG Secure Search
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BABSOLUTION
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Babylon
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Search Settings
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Speedchecker Limited
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WaIntEnhance
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WajIEnhance
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Search Settings
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WaIntEnhance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Wajam
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WaIntEnhance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C3E6F08D-366C-4806-81AE-DA013DD94FC8}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C3E6F08D-366C-4806-81AE-DA013DD94FC8}
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
[-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Wert gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac []
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh []
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb []
[#] Wert mit Neustart gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf []


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "extensions.Softonic.hmpgUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.newTabUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.prtnrId" -  "softonic"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.tlbrSrchUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q="
[-] Firefox Einstellungen bereinigt: "extensions.searchgol.prdct" -  "searchgol"
[-] Firefox Einstellungen bereinigt: "extensions.searchgol.prtnrId" -  "searchgol"
[-] Firefox Einstellungen bereinigt: "extensions.xpiState" -  "{\"app-profile\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{20a82645-c095-46ed-80e3-08825760534b}\",\"e\":false,\"v\":\"1.2.1\",\"st\":1370004771312,\"mt\":1271780036000},\"{4176DFF4-4698-11DE-BEEB-45DA55D89593}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi\",\"e\":false,\"v\":\"0.8.50.1-signed.1-signed\",\"st\":1461782681410},\"{9fb7d178-155a-4318-9173-1a8eaaea7fe4}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi\",\"e\":true,\"v\":\"2.1.30\",\"st\":1459872922998},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"d\":\"C:\\\\Users\\\\Ck\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\6w2vefvb.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"e\":false,\"v\":\"4.2.1.10\",\"st\":1355503709298}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1466006154653},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1466006154638},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1466006154622}},\"winreg-app-user\":{\"{e4f94d1e-2f53-401e-8885-681602c0ddd8}\":{\"d\":\"C:\\\\ProgramData\\\\McAfee Security Scan\\\\Extensions\\\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1396607774000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1466006154669}},\"winreg-app-global\":{\"ocr@babylon.com\":{\"d\":\"C:\\\\Program Files\\\\Babylon\\\\Babylon-Pro\\\\Utils\\\\ocr@babylon.com\",\"e\":false,\"v\":\"1.1\",\"st\":1370003466494,\"mt\":1321283646000},\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"d\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"e\":false,\"v\":\"0.0.0\",\"st\":1370003989204,\"mt\":1232707720000},\"FFPDFArchitectConverter@pdfarchitect.com\":{\"d\":\"C:\\\\Program Files\\\\PDF Architect\\\\FFPDFArchitectExt\",\"e\":false,\"v\":\"1.0\",\"st\":1378107203556,\"mt\":1365437022000}}}"
[-] Firefox Einstellungen bereinigt: "extensions.searchgol.prtnrId" -  "searchgol"
[-] Firefox Einstellungen bereinigt: "extensions.searchgol.prdct" -  "searchgol"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.tlbrSrchUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q="
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.prtnrId" -  "softonic"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.hmpgUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6"
[-] Firefox Einstellungen bereinigt: "extensions.Softonic.newTabUrl" -  "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6"
[-] [isearch.avg.com] [Search Provider] Gelöscht:isearch.avg.com
[-] [search.softonic.com] [Search Provider] Gelöscht:search.softonic.com
[-] [searchgol.com] [Search Provider] Gelöscht:searchgol.com


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [32260 Bytes] - [17/08/2016 22:02:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [31393 Bytes] - [17/08/2016 21:58:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [32408 Bytes] ##########
         
JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x86 
Ran by Ck (Administrator) on 17.08.2016 at 22:16:56,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 31 

Successfully deleted: C:\Users\Ck\Appdata\LocalLow\pdfforge (Folder) 
Successfully deleted: C:\Users\Ck\AppData\Roaming\fcbfan (Folder) 
Successfully deleted: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\user.js (File) 
Successfully deleted: C:\Users\Ck\AppData\Roaming\pdfforge (Folder) 
Successfully deleted: C:\Windows\System32\Tasks\1215avUpdateInfo (Task)
Successfully deleted: C:\Windows\System32\Tasks\FCBfan (Task)
Successfully deleted: C:\Windows\Tasks\1215avUpdateInfo.job (Task) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IPK4E9T (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\55E60PQC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SOG35PC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADM16G3A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEA5R3WK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLL8EZN8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXQ4GXFR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q391V2E1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFGIR19X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIZ2ZKCY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYD9DVN1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IPK4E9T (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\55E60PQC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SOG35PC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADM16G3A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DEA5R3WK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLL8EZN8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXQ4GXFR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q391V2E1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFGIR19X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIZ2ZKCY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYD9DVN1 (Temporary Internet Files Folder) 

Deleted the following from C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\prefs.js
user_pref(browser.search.defaultenginename, AVG Secure Search);
user_pref(browser.search.selectedEngine, AVG Secure Search);
user_pref(extensions.Softonic.admin, false);
user_pref(extensions.Softonic.aflt, OC);
user_pref(extensions.Softonic.appId, {7ABBFE1C-E485-44AA-8F36-353751B4124D});
user_pref(extensions.Softonic.autoRvrt, false);
user_pref(extensions.Softonic.dfltLng, de);
user_pref(extensions.Softonic.dfltSrch, true);
user_pref(extensions.Softonic.dnsErr, true);
user_pref(extensions.Softonic.excTlbr, false);
user_pref(extensions.Softonic.ffxUnstlRst, false);
user_pref(extensions.Softonic.hmpg, true);
user_pref(extensions.Softonic.hmpgUrl, hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=cedae3900000000000000022437b3ca6);
user_pref(extensions.Softonic.id, cedae3900000000000000022437b3ca6);
user_pref(extensions.Softonic.instlDay, 16045);
user_pref(extensions.Softonic.instlRef, MOY00621);
user_pref(extensions.Softonic.newTab, true);
user_pref(extensions.Softonic.newTabUrl, hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=cedae3900000000000000022437b3ca6);
user_pref(extensions.Softonic.prdct, Softonic);
user_pref(extensions.Softonic.prtnrId, softonic);
user_pref(extensions.Softonic.rvrt, false);
user_pref(extensions.Softonic.srchPrvdr, Search the web (Softonic));
user_pref(extensions.Softonic.tlbrId, opencandy2013);
user_pref(extensions.Softonic.tlbrSrchUrl, hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=cedae3900000000000000022437b3ca6&q=);
user_pref(extensions.Softonic.vrsn, 1.8.21.14);
user_pref(extensions.Softonic.vrsnTs, 1.8.21.149:47:02);
user_pref(extensions.Softonic.vrsni, 1.8.21.14);
user_pref(extensions.searchgol.admin, false);
user_pref(extensions.searchgol.aflt, babsst);
user_pref(extensions.searchgol.appId, {4277F7CF-0000-46CF-BA49-D624465C4BAB});
user_pref(extensions.searchgol.autoRvrt, false);
user_pref(extensions.searchgol.dfltLng, de);
user_pref(extensions.searchgol.excTlbr, false);
user_pref(extensions.searchgol.ffxUnstlRst, false);
user_pref(extensions.searchgol.id, cedae3900000000000000022437b3ca6);
user_pref(extensions.searchgol.instlDay, 15988);
user_pref(extensions.searchgol.instlRef, sst);
user_pref(extensions.searchgol.newTab, false);
user_pref(extensions.searchgol.prdct, searchgol);
user_pref(extensions.searchgol.prtnrId, searchgol);
user_pref(extensions.searchgol.rvrt, false);
user_pref(extensions.searchgol.smplGrp, none);
user_pref(extensions.searchgol.tlbrId, base);
user_pref(extensions.searchgol.tlbrSrchUrl, );
user_pref(extensions.searchgol.vrsn, 1.8.16.19);
user_pref(extensions.searchgol.vrsnTs, 1.8.16.1920:12:53);
user_pref(extensions.searchgol.vrsni, 1.8.16.19);



Registry: 6 

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf (Registry Key) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.08.2016 at 22:19:26,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Alt 18.08.2016, 08:52   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Da war aber einiges...bitte neu starten und adwCleaner wiederholen....um zu sehen, ob der auch "alles" erwischt hat
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.08.2016, 19:44   #11
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Hallo Cosinus,

was heißt das war einiges... waren das alles Viren ?
Der zweite Durchlauf hat nichts mehr gefunden.

Was soll ich nun tun ?

Vielen DANK für Deine Antwort

Alt 18.08.2016, 20:45   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Nun was meinte ich wohl, die Aussage bezog sich auf das Log vom adwcleaner


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.08.2016, 18:47   #13
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 19-08-2016
durchgeführt von Ck (Administrator) auf CK-PC (19-08-2016 19:43:08)
Gestartet von C:\Users\Ck\Desktop
Geladene Profile: Ck (Verfügbare Profile: Ck)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
() C:\Program Files\Winamp\winampa.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13687328 2009-03-27] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2009-03-27] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100

Internet Explorer:
==================
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Keine Datei
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default
FF NewTab: about:newtab
FF Homepage: www.google.de
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] ()
FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] ()
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop)
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.)
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31]
FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert]
FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin)
R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-19 19:42 - 2016-08-19 19:42 - 00000000 ____D C:\Users\Ck\Desktop\FRST-OlderVersion
2016-08-17 22:19 - 2016-08-17 22:19 - 00008582 _____ C:\Users\Ck\Desktop\JRT.txt
2016-08-17 21:52 - 2016-08-18 19:33 - 00000000 ____D C:\AdwCleaner
2016-08-17 21:13 - 2016-08-17 21:13 - 01610560 _____ (Malwarebytes) C:\Users\Ck\Desktop\JRT.exe
2016-08-17 21:09 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 21:08 - 2016-08-17 21:08 - 03784256 _____ C:\Users\Ck\Desktop\AdwCleaner_6.000.exe
2016-08-15 21:29 - 2016-08-15 21:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\Users\Ck\Desktop\mbar
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-15 21:28 - 2016-08-17 18:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-15 21:28 - 2016-08-17 18:37 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-15 21:27 - 2016-08-15 21:27 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ck\Desktop\mbar-1.09.3.1001.exe
2016-08-15 20:55 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-15 20:55 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-15 20:55 - 2016-08-02 08:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-15 20:55 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-15 20:55 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-15 20:55 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-15 20:55 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-15 20:55 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-15 20:55 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-15 20:55 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-15 20:55 - 2016-08-02 07:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-15 20:55 - 2016-08-02 07:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-15 20:55 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-15 20:55 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-15 20:55 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-15 20:55 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-15 20:55 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-15 20:55 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-15 20:55 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-15 20:55 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-15 20:55 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-15 20:55 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-15 20:55 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-15 20:55 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-15 20:55 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-15 20:55 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-15 20:55 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-15 20:55 - 2016-07-08 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-15 20:55 - 2016-07-08 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-15 20:55 - 2016-07-08 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-15 20:55 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-15 20:55 - 2016-07-08 16:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-15 20:55 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-15 20:55 - 2016-07-08 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-15 20:55 - 2016-07-08 16:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-11 20:50 - 2016-08-11 20:56 - 00221242 _____ C:\TDSSKiller.3.1.0.11_11.08.2016_20.50.46_log.txt
2016-08-11 20:29 - 2016-08-11 20:32 - 00077766 _____ C:\Users\Ck\Desktop\Addition.txt
2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Desktop\tdsskiller.exe
2016-08-11 20:28 - 2016-08-19 19:43 - 00021905 _____ C:\Users\Ck\Desktop\FRST.txt
2016-08-11 20:28 - 2016-08-19 19:43 - 00000000 ____D C:\FRST
2016-08-11 20:26 - 2016-08-19 19:42 - 01745408 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe
2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin
2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip
2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf
2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf
2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-19 19:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 18:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 18:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job
2016-08-19 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2016-08-18 21:57 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-18 20:46 - 2013-05-31 15:45 - 01627884 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-18 20:46 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat
2016-08-18 20:46 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat
2016-08-18 20:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-18 19:31 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox
2016-08-18 18:11 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache
2016-08-18 17:34 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-17 22:02 - 2013-05-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-17 21:50 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 21:23 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-08-17 21:15 - 2013-06-12 08:33 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-17 20:22 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics
2016-08-17 18:34 - 2015-07-02 11:13 - 00000000 ____D C:\Users\Ck\AppData\Local\Avg
2016-08-17 18:34 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData
2016-08-17 18:14 - 2015-11-03 18:04 - 00000000 ____D C:\Users\Ck\AppData\Local\AvgSetupLog
2016-08-17 18:14 - 2013-07-29 19:22 - 00000000 ____D C:\ProgramData\AVG
2016-08-17 18:14 - 2010-12-05 14:05 - 00000000 ____D C:\Program Files\AVG
2016-08-15 21:03 - 2013-12-24 16:34 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager
2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt
2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk
2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager
2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox
2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-26 14:24 - 2009-10-02 17:47 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp
2016-07-20 16:27 - 2009-09-30 22:04 - 00000000 ____D C:\Users\Ck\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt
2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss
2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini
2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ck\CAPITEST.exe


Einige Dateien in TEMP:
====================
C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe
C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08130619252.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08156097866.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081642210183.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081744902659.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081907132559.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08544418719.exe
C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll
C:\Users\Ck\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\NEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\oi_{8E29BDD6-B734-427A-9492-304AB40FB8F2}.exe
C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe
C:\Users\Ck\AppData\Local\Temp\stubhelper.dll
C:\Users\Ck\AppData\Local\Temp\uninst1.exe
C:\Users\Ck\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-17 20:15

==================== Ende vom FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 19-08-2016
durchgeführt von Ck (19-08-2016 19:43:38)
Gestartet von C:\Users\Ck\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2013-05-31 13:55:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1965394401-2103718357-1127923810-500 - Administrator - Disabled)
Ck (S-1-5-21-1965394401-2103718357-1127923810-1000 - Administrator - Enabled) => C:\Users\Ck
Gast (S-1-5-21-1965394401-2103718357-1127923810-501 - Limited - Disabled)
Sonos (S-1-5-21-1965394401-2103718357-1127923810-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4Free Video Converter 2 (HKLM\...\{7061301A-0D44-432F-859D-AF705DA2C81F}_is1) (Version:  - 4Free Studio)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{F2B03BB1-D679-4FFF-951D-3058A669A823}) (Version: 1.3.1 - AVM Berlin)
Brother P-touch Editor 5.0 (HKLM\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.032 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (Version: 5.0.032 - Brother Industries, Ltd.) Hidden
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
CANON IMAGE GATEWAY Registrierungsanleitung (HKLM\...\DV CIG Guide) (Version: 1.0.0.2 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.4.0.8 - )
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.0.3 - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
Canon MP620 series Benutzerregistrierung (HKLM\...\Canon MP620 series Benutzerregistrierung) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - )
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.0.0.8 - )
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.1.15 - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - )
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.0.1.248 - )
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
CloneCD (HKLM\...\CloneCD) (Version:  - SlySoft)
CMS (HKLM\...\CMS1.0.0.32) (Version: 1.0.0.32 - wapa)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
Cuttermaran 1.67 (HKLM\...\{5D5E101E-6E25-4497-944E-373D9DB20A07}) (Version: 1.6.7 - toarnold)
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1616 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2609 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2806 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2718 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1531 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.5611 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1412 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DE (Version: 3.0 - Corel Corporation) Hidden
Device Manager (HKLM\...\Device Manager) (Version:  - )
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version:  - )
Dropbox (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project)
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - )
Free HD Converter V 1.4 (HKLM\...\Free HD Converter_is1) (Version: 1.4.0.0 - Koyote Soft)
Free PDF to Word Converter 1.5 (HKLM\...\Free PDF to Word Converter_is1) (Version:  - Free-PDF-to-Word.com)
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
FRITZ!Powerline (HKLM\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Gigaset M100 Data (HKLM\...\Gigaset M100 Data) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HDIPCamera V1.0.1.2 (HKLM\...\HDIPCamera_is1) (Version:  - HDIPCamera)
Helium (HKLM\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Help 2 Speak 1.2 (HKLM\...\Help 2 Speak for Windows Mobile Classic & Pro_is1) (Version:  - Arena Games Studios)
ImageMixer 3 SE (HKLM\...\{82C19692-571C-45D2-BAF2-278225787A35}) (Version: 3.00.038 - PIXELA)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
KeePass Password Safe 2.31 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LightScribe System Software (HKLM\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Thunderbird (2.0.0.23) (HKLM\...\Mozilla Thunderbird (2.0.0.23)) (Version: 2.0.0.23 (de) - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
NetSurveillance (HKLM\...\NetSurveillance) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 5.3.1 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PCSpeedUp Application (HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\3121358167.www.pcspeedup.com) (Version:  - www.pcspeedup.com) <==== ACHTUNG
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PDVR (HKLM\...\PDVR168.5.5.26) (Version: 168.5.5.26 - Wapa)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5783 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11011_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolidWorks eDrawings 2010 (HKLM\...\{059D6814-73F9-480B-B0B2-D6428F1C1F99}) (Version: 10.2.122 - Dassault Systèmes SolidWorks Corp.)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
WebPlugin 1.0.3.39 (HKLM\...\WebPlugin) (Version: 1.0.3.39 - My company, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wireshark 1.8.5 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Steuer-Sparbuch 2011 (HKLM\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM\...\{85B13DC2-AB8D-45E9-B0AB-ABE72EC66DD7}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9a1ff289-f2d3-55c6-993d-c7a95c923a04}\InprocServer32 -> C:\Program Files\VVVIPCamera\npRTPlayer.dll (RunTop)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{d3005645-a2c0-5fcf-b52e-40d1c93b6b46}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll (webnp)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ck\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02AE60CC-4705-41A6-91E6-50ABF7D83302} - System32\Tasks\{268125EB-A08A-470F-B017-A0AF0455DCBC} => pcalua.exe -a C:\Users\Ck\Downloads\Active(1).exe -d C:\Users\Ck\Downloads
Task: {25198102-EC51-45EB-9E96-3F1A00598D7E} - System32\Tasks\{E442D925-062B-4048-92DD-81B6E5D4EBC7} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\MyMobile123_06152008.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {2A93CF91-7D23-4C00-AC9F-80B34E45359D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)
Task: {2D771066-A4F3-46BF-8CA3-9CAFDA14E3C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2E8F338E-D82C-4BE0-A37E-D30BC60BE7CD} - System32\Tasks\{DA74A66F-ED8F-4CB5-818F-EA45C9EEAD30} => pcalua.exe -a L:\Mail\portable_thunderbird_2.0.0.6_win_de\portablethunderbird.exe -d L:\Mail\portable_thunderbird_2.0.0.6_win_de
Task: {39704CCB-91C6-4FCE-ADB3-55BFC4B12B7E} - System32\Tasks\{25DFB1E6-A77D-4292-9046-FBC6E033A8D1} => pcalua.exe -a C:\Users\Ck\Desktop\cms_en_hbw_setup.exe -d C:\Users\Ck\Desktop
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {628D65C8-3315-4964-8E2E-A3333ECCF05F} - System32\Tasks\{1CC5E591-F6A7-4E18-8935-6150C7ADBBD3} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {66813AAB-BC6C-4DF1-AD7C-1FA047F5CFBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {6A8C4CC9-938F-4B6F-BF0F-DCD924790CEE} - System32\Tasks\{71F44B15-7CB1-4B86-BD60-D6CD264CF120} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/privacy
Task: {71CB78DC-3465-4B72-A2C5-F2347E83C5C7} - System32\Tasks\{69EF8CEA-F288-4F17-9417-BBF04DE439FB} => pcalua.exe -a C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023.exe -d C:\Users\Ck\Downloads
Task: {720D1503-4901-4D3A-AE34-C2A846495526} - System32\Tasks\{D210CFB3-7484-4E0D-A07E-00A804913C1F} => pcalua.exe -a C:\Users\Ck\Downloads\XDA-HTC\RUU_Topaz_S_HTC_GER_2.16.407.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe -d C:\Users\Ck\Downloads\XDA-HTC
Task: {786C056D-F7DD-4F91-A4C8-592D795E66B2} - System32\Tasks\{FDBDBBE2-3B9F-4E39-B60C-9A5E520FB6BE} => pcalua.exe -a C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe -d "C:\Program Files\Logitech\SetPoint" <==== ACHTUNG
Task: {7882BC03-0A35-4B7C-8824-612F8992586E} - System32\Tasks\{4930B6A3-896D-4B89-B490-928D2E8409F2} => pcalua.exe -a E:\setup.exe -d E:\
Task: {83A6087A-B895-43E6-8B49-141E3604079B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B570972-C515-4AA6-AA33-FD3720281B78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8F3C77A0-80DE-4FF6-AB16-9BEED1651B92} - System32\Tasks\{FBD2B4DA-3B72-4A59-A46D-20A920C322A0} => pcalua.exe -a C:\Users\Ck\Downloads\dotnetfx3setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A1819EA4-5CA1-40C3-AD8F-82CE890AEEDB} - System32\Tasks\{226C3DB4-BC58-406E-843A-7343C8C18171} => pcalua.exe -a "C:\Users\Ck\Downloads\XDA-HTC\_HTC Touch Diamond2_RUU_Topaz_S_Vodafone_DE_2.16.162.1_Radio_Sign_Topaz_61.44tc.25.32_4.49.25.17_Ship.exe" -d C:\Users\Ck\Downloads\XDA-HTC
Task: {A3A35131-2635-4486-AB91-A5DD9BDD36F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {AFD815CF-6434-41A1-8ADE-2B62CF9B1F7C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-20] (Google) <==== ACHTUNG
Task: {B58C017E-761D-451C-AB1A-D1879E73B069} - System32\Tasks\{4BD28B09-9A1B-4A69-BA90-67C98CB290E5} => pcalua.exe -a "C:\Users\Ck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQLUDLP2\NewActive.exe" -d C:\Users\Ck\Desktop
Task: {B6D39B96-0714-4D74-BB26-3C28909655BF} - System32\Tasks\{723229ED-F780-4C7B-98CB-3F4C06D62E95} => pcalua.exe -a C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20\CMS.exe -d C:\Users\Ck\Desktop\Kamera\cms-2012.3.201\CMS-2012.3.20
Task: {B7EDDC49-2A82-4201-99A1-2F0C4F4A7561} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BD00CA6F-0897-4711-813F-89264B56E755} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {BEB85EF8-764D-4908-AAD9-0B659819E7FE} - System32\Tasks\{0E8F34EC-4494-4A2C-AFF3-11CA2F5B4C90} => pcalua.exe -a "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&amp;surf_6_0\instmsia.exe" -d "C:\Users\Ck\Documents\Bedienungsanleitungen\Neuer Ordner\talk&amp;surf_6_0"
Task: {C03989FD-EAF4-41A9-AF33-707D79307A78} - System32\Tasks\{7AF1BA91-2A03-4427-9720-C576FE3DD4F8} => pcalua.exe -a "C:\Program Files\DAEMON Tools Lite\uninst.exe" -d "C:\Program Files\DAEMON Tools Lite"
Task: {C146D4B7-1BE2-41D1-B2C5-C5A514E2BCF7} - System32\Tasks\{AE2FEAEC-AF5B-49E4-AEE0-D09143669355} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.259/de/abandoninstall?page=tsBing
Task: {C7C4EE56-B8AA-4351-81BD-0A6D455AC43B} - System32\Tasks\{6A6AB472-58DE-4906-B2C1-C452BD9DBA22} => pcalua.exe -a C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -c -maintain plugin
Task: {D89A30EF-DA26-4944-B61D-4241FE07E0D6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1965394401-2103718357-1127923810-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E29110D1-140F-4436-88B5-AE82F41F7645} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E8232C5C-94D3-4837-90DC-746D038E2DF3} - System32\Tasks\{34D13FC3-38F9-492B-B933-0F652EB35694} => pcalua.exe -a C:\Users\Ck\Downloads\Active.exe -d C:\Users\Ck\Downloads
Task: {F2E8B3A8-A3BD-41F4-BA6E-7ADCA98B02F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {F440BE00-829C-40EF-8625-F7DDE569FEE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-02] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-04-22 16:09 - 2009-02-25 09:13 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-05-29 21:58 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-27 16:32 - 2008-08-27 16:32 - 00619816 _____ () C:\Program Files\HomeCinema\Power2Go\CLMediaLibrary.dll
2008-06-09 09:55 - 2008-06-09 09:55 - 00013096 _____ () C:\Program Files\HomeCinema\Power2Go\CLMLSvcPS.dll
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2014-07-04 10:22 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2014-07-04 10:22 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-07-04 10:22 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll
2014-07-04 10:22 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-07-04 10:22 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-07-04 10:22 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-07-04 10:22 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-07-04 10:22 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00182272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\97fe9e5d3c179b88a47a355e3d497461\Kies.Common.DeviceServiceLib.Interface.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 15017472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\2b03fce391135d2616e3ca1f41e4d3f9\Kies.Theme.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed992385c10d33321704bbba68a32c66\Kies.UI.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2904a13c0bdf6fab78e97ed5e5349855\Kies.MVVM.ni.dll
2016-08-02 23:47 - 2016-08-02 23:47 - 00233984 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\2ae6e946b06d8ca8c1f09e28006ac538\ASF_cSharpAPI.ni.dll
2014-08-25 06:39 - 2009-07-20 12:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-07 17:57 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-12 17:48 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 09:52 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-12 17:48 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-07 17:57 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-07 17:57 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 09:52 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-25 09:52 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-07-12 17:48 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-07 17:57 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-07 17:57 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-12 17:48 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-07 17:57 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-07 17:57 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-08-07 17:57 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 09:52 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-07-12 17:48 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00168248 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-08-07 17:57 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Ck\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\dyndns.org -> hxxp://fruechtemtz.dyndns.org
IE trusted site: HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\no-ip.org -> hxxp://teufelsbox.no-ip.org

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2016-08-17 21:50 - 00001961 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 5 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.115.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7ADE6780-8950-4568-AE42-156E26523817}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{21A2A72D-C72E-48F1-81DA-6DA6C22D8159}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{75A3EED0-6127-4849-9403-C0FB7996B247}] => (Allow) LPort=26675
FirewallRules: [{599FEA04-953A-40D2-9E33-8850A8AF5D82}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{317049B1-7474-4657-B639-180C2192B20D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{46B83F69-94C7-495B-9F1D-B3E1A3403443}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8E7DEC09-287A-4881-85A3-701E56D7F9E3}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{8522B942-7D77-4A85-9775-B0B13002DCD8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{85A74167-4A6B-43C0-B5CB-13278338AB69}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [TCP Query User{603E47FC-65E5-4244-9184-64B737B7A60A}E:\dvr v8.97\dvr\encode.exe] => (Allow) E:\dvr v8.97\dvr\encode.exe
FirewallRules: [UDP Query User{1D4156AD-EAC5-4103-9C53-228167735AA1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{D5B3DD8A-548D-4477-9EAA-95262B1AA269}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CA0F2C7F-986E-4C53-A52C-3EBD9267074A}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [TCP Query User{080598C6-ED4E-45F5-9FB7-677AB378C334}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{72E75FBE-C146-4E5E-83F3-D28D0B210D50}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{5A21343C-6687-4048-A8B2-2A7E87911F08}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{B9B6546E-DBF0-40E0-A25E-07EB2C1A5449}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{4A7DDA3D-40C0-4FC6-81DD-0FEB9B07AF3F}] => (Allow) C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [UDP Query User{3D8D522F-6C42-4FA2-A127-66DA0B637A2E}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{5DF8515A-676D-40BB-8352-3989E2D9E6E3}C:\program files\fritz!\frifax32.exe] => (Block) C:\program files\fritz!\frifax32.exe
FirewallRules: [{7360A445-A3CB-445A-A7DA-AB308364F275}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [{AFA72526-5207-437D-9A9C-243B050D89D9}] => (Allow) C:\Program Files\FRITZ!\igd_finder.exe
FirewallRules: [UDP Query User{454A84A6-26BB-48AE-8E31-E67A875CD1CB}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{8D5C2EC7-24D9-4ADA-A8A7-9DB1C572FCDD}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{C1014B50-AF56-488F-903D-C92996D9CAD8}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [TCP Query User{31086841-A3ED-4164-B74E-3BC4A5745CE4}C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe] => (Allow) C:\users\ck\desktop\fritz.box_wlan_7390_84.04.84.recover-image.exe
FirewallRules: [UDP Query User{28311615-6F20-478D-9805-E6AF9BA990B0}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [TCP Query User{C75E9A32-9B92-4135-9745-B1D7A517A62B}C:\users\ck\capitest.exe] => (Allow) C:\users\ck\capitest.exe
FirewallRules: [UDP Query User{7AAAAC3B-2EF3-4FC7-9E9F-4930BBCF0C4F}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{3571DEE7-180D-460A-B99D-6598A17DDAA7}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [UDP Query User{0EA37256-1A6C-43AA-9B79-ED34D9AD86D6}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [TCP Query User{A2EE00DF-DA65-45C4-BD89-17ACE5BAF15E}C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [UDP Query User{B5770EFC-5DD2-4FE2-98F0-71C0E0E5B583}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [TCP Query User{BF6008EA-FC83-4EAB-9024-C5F59AE5D3DD}C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe] => (Allow) C:\users\ck\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe
FirewallRules: [UDP Query User{2708DB09-F52E-425B-BBD9-BFD51ACF273F}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{798FA436-9103-436C-98B7-5B310751EF00}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{94A1B95C-8BD9-49D7-9E59-975A0700D048}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{5615D64E-F202-46C2-9C3F-1A5DE2EE756D}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{3E6A057A-F868-4CC8-AE7F-B2DE4C7C267E}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{5A6A03BC-8AC5-482B-8A81-9DD1191C935A}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{F5D27E35-B63D-4456-B9EB-D364DB20C0E4}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{173BEF30-E791-4D07-BC0A-67B9E67DFF01}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{996748D8-A0A1-4DB6-B683-81E91CEA7370}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{0EC9DE4F-B1C3-4EBC-AE09-DC4EC7A1F21A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{878E3AB6-44C1-46E6-B568-F0117D8374B2}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C6110339-8D5E-4F2D-BFE4-414D3F8DE6B0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{E20F74A9-6056-4999-B500-7AAB54F89043}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{C524683F-328A-467C-ACB5-A130E4568F30}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [UDP Query User{CA5855DA-53D5-4697-B811-A24FFDD4012D}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{9DE8B423-B3A5-4F29-B155-DF31DE15D8E7}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{238B0185-2155-471B-9425-DE106D3BDFC4}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{3B17293C-4C00-4881-9180-000B36F690C8}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{67031F9B-7197-41CC-B5E5-071B3E3AAAB8}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{0D69F73B-7BF1-40FC-BF4E-F263DD772249}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{5D1A37DB-9536-4516-ABF4-F30B2C542D16}] => (Allow) LPort=26675
FirewallRules: [{7BC04F0B-A432-405C-9781-CF5D493E1D7B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{8F6029F4-FD1F-40EF-9014-EEE098FA3215}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [UDP Query User{64B44A5C-73C4-4356-A671-7F09E17784AD}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [TCP Query User{2C362057-AA33-4E24-BED8-64DE3F9B91D4}C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Allow) C:\program files\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [{840ED993-7ABA-41B1-A0D3-496FC341389F}] => (Allow) LPort=26675
FirewallRules: [{8A6221CD-694D-4BE2-AF91-CF07C8389BBA}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{D892051C-056C-4FB3-9222-BAB0D91D525E}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{5C5D76A8-3840-4349-97B5-C5C189D9C722}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}] => (Allow) C:\Program Files\HomeCinema\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{C6EB1591-5865-4589-89C2-E3915E42F284}] => (Allow) C:\Program Files\HomeCinema\PowerDirector\PDR.EXE
FirewallRules: [{44E3F3DA-D2F3-46F4-954A-4CD56F505E7E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{56696065-60CE-4100-BBC1-68EBE5C1C3B0}] => (Allow) svchost.exe
FirewallRules: [{BDA30BF2-C41B-43AB-98ED-F5E0CEBCFB9F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B46585A-C0E7-4CCB-82FE-0B402D6E2D8A}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [TCP Query User{F041C875-D884-4721-88AE-EAEEB1AE6C37}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [UDP Query User{B0849B15-63AC-4D25-908D-BF27778AD19D}E:\powerline utility\powerline scan\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan\powerline scan.exe
FirewallRules: [TCP Query User{CA8DB31F-C3F4-4B5D-9314-9AAF36C30AF4}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [UDP Query User{9A981ECF-A2C7-42D8-AD98-09669E5D306C}C:\program files\pdvr\pdvr.exe] => (Allow) C:\program files\pdvr\pdvr.exe
FirewallRules: [{0B5987A1-65A8-45A2-83B6-E4C32043AB48}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2CCEA8DE-6165-4F72-81D8-C074E23BD01F}] => (Allow) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{896B5766-6732-4338-B6F9-BFC31E6AD5A2}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{28B899BC-5A1B-43C4-A8B2-136E72F6AD86}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{577AC29F-7498-49BC-B51A-700BD45B6D16}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{1C664FE5-209C-4E59-952F-8AA498DF9D38}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{E4955CC9-D470-406C-9197-6A6A0964EB31}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{6F21AB69-04C5-49B6-B62C-BEAB94BBADE8}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [TCP Query User{B14C26DC-59BF-4450-9A8E-517114A1B828}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [UDP Query User{B0477CBA-6117-4144-A3ED-A1F622840314}C:\users\ck\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\ck\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [{3A51ED74-5852-4624-8D5B-3C7F27B34814}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{347B8B36-BF63-4117-8F74-59201E414E81}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C0B052A0-EE5E-4F0F-B02C-9B39D690E289}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4F123978-DDCC-4C7D-8983-C28F0AAC37C3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4CDA9912-8BCF-4A9C-8E93-1EB248EC814C}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{6593E86B-F059-4D27-93EE-42E62B37FB37}] => (Allow) C:\Users\Ck\AppData\Local\Temp\7zS497B.tmp\SymNRT.exe
FirewallRules: [{E078E7CD-4300-498A-8962-BB78FC59226D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B9DE3BB7-7CF1-4092-B18D-0A1C35594858}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{85F34518-7490-424B-8AB5-4F42419523BE}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{19CA2410-D39C-4F2E-9F64-7420B3FA291C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E26CE404-BD83-450C-960D-BC6FB43934DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2DA798A6-223B-476D-8F79-813C9F93C735}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{25D52EF8-F436-4E35-8C52-EE52F2573908}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E1996656-6977-4E9E-ADA7-3E160AECF691}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{443F9370-1E62-48A8-A632-A8C37F37BC2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3BA3523F-3CCF-4AA2-8796-C02F3B10792C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{07BCA684-9F01-4175-84C5-1EF94BBB8441}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{6A713E75-8990-4BC2-B421-187DD1B01F9B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{C153EA66-1D83-49F9-A95E-425139115092}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [UDP Query User{A27F579C-298D-49FE-B298-B60ADDA8BA97}C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe] => (Block) C:\users\ck\appdata\local\temp\rar$ex00.352\powerline scan.exe
FirewallRules: [TCP Query User{B02F92D4-281E-48DF-AB03-EF43E5EAC785}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [UDP Query User{AF9BFE9A-4654-4ED8-B114-CFC27FF91AD1}C:\users\ck\downloads\powerline_scan\powerline scan.exe] => (Block) C:\users\ck\downloads\powerline_scan\powerline scan.exe
FirewallRules: [{09F80C0D-913B-4F46-A587-6817106CEBE8}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [{EFCC012B-F4D9-46E6-993B-9945C0DB520E}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [TCP Query User{DC10596F-6D4D-416E-942C-2C48DFF69592}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [UDP Query User{8C425570-FA19-4772-8083-9F301306B1FE}C:\program files\device manager\devicemanage.exe] => (Allow) C:\program files\device manager\devicemanage.exe
FirewallRules: [{51718A97-F258-4584-AB8B-ACC380823A66}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [{3D87C3A0-A733-41A7-9E8E-3ABD89667C6B}] => (Block) C:\program files\device manager\devicemanage.exe
FirewallRules: [TCP Query User{DD1F36BE-AAB9-4E09-8DFE-A296265C0A48}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [UDP Query User{F7E647C6-B35C-4745-B8D3-B43F8CD93F75}E:\lupusipfinder\lupusipfinder.exe] => (Allow) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{6D852816-5AFB-4412-9C7F-9557CE3B9D87}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [{68A50DFD-454B-42E6-A718-0E8812760048}] => (Block) E:\lupusipfinder\lupusipfinder.exe
FirewallRules: [TCP Query User{3E0A1CB6-3E43-4D11-AE44-FEDDD1706D7F}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [UDP Query User{84CBC649-C200-4A8A-8825-18526A177F74}C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [{E66B4D10-CEED-4700-99B2-0094DC3352D9}] => (Block) C:\users\ck\downloads\qd300wifi,qd900wifi,q6320wifi\qd300wifi,qd900wifi,q6320wifi\ip search tool\ipcsearch.exe
FirewallRules: [TCP Query User{0BFB32C7-CD29-46DB-8CA2-141F86B9A937}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [UDP Query User{FE7D0C21-5AB8-472D-B50F-B30045A1368B}C:\users\ck\downloads\ipcamsearch.exe] => (Allow) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{A97A3298-81B9-44EA-A54A-57461C60B58B}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{C42B7E11-A936-4661-87FF-3B6B4FC433CC}] => (Block) C:\users\ck\downloads\ipcamsearch.exe
FirewallRules: [{75AA3BEB-790A-4FA6-8D9A-32FCCBCF4870}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

02-08-2016 23:24:25 Windows Update
15-08-2016 22:57:34 Geplanter Prüfpunkt
17-08-2016 21:10:54 Windows Update
17-08-2016 22:17:04 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Description: 802.11 n/g/b-Drahtlos-LAN-USB-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AzureWave Technologies, Inc.
Service: netr28u
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/18/2016 05:36:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 10:08:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 10:01:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 09:50:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 06:36:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 05:55:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2016 08:43:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 09:01:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 08:21:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2016 05:55:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/18/2016 05:34:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/18/2016 05:34:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/17/2016 10:06:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (08/17/2016 10:06:17 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (08/17/2016 10:01:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost VPN 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/17/2016 10:01:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ByteFence Security Real-time Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2013-05-31 12:34:57.912
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.633
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:57.071
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:34:56.775
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:23.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.566
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:22.271
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-31 12:20:21.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3326.18 MB
Verfügbarer physikalischer RAM: 1705.2 MB
Summe virtueller Speicher: 6650.68 MB
Verfügbarer virtueller Speicher: 5069.27 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:114.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:8.84 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=911.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== Ende vom Addition.txt ============================
         
halli hallo ,

da sind Sie.
DANKE

Alt 20.08.2016, 12:52   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    PCSpeedUp Application

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.08.2016, 10:15   #15
timercp
 
IRCBot Virut  wohl auf einem meiner Computer, informierte mich die T-Com - Standard

IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com



Hallo Cosinus

habe ich deinstalliert[
CODE]
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2016
durchgeführt von Ck (Administrator) auf CK-PC (21-08-2016 11:10:50)
Gestartet von C:\Users\Ck\Desktop
Geladene Profile: Ck (Verfügbare Profile: Ck)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM GmbH) C:\Program Files\FRITZ!Powerline\PowerlineService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
() C:\Program Files\Winamp\winampa.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Dropbox, Inc.) C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13687328 2009-03-27] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2009-03-27] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-30] (cyberlink)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Run: [Dropbox Update] => C:\Users\Ck\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.)
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {1284c770-c9ed-11e2-9b24-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\LIESMICH.htm
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {59f93d6c-02b1-11e3-a5d9-00242178ad0f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\MountPoints2: {5f1d01bd-90f0-11e3-99cf-00242178ad0f} - K:\DTVP_Launcher.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ck\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-08-25]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-11-27]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{50C94D7A-C5DB-415C-8678-3F7462EF05FF}: [DhcpNameServer] 192.168.115.100
Tcpip\..\Interfaces\{E5D46DBA-07F2-4849-956E-461E87395D8B}: [DhcpNameServer] 192.168.115.100

Internet Explorer:
==================
HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} hxxp://192.168.115.107:5000/surveillance/object/SSObject.cab
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} hxxp://kaysercam.dyndns.org/AVC_AX_724.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://kaysercam.dyndns.org/web.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Keine Datei
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default
FF NewTab: about:newtab
FF Homepage: Google
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-07-22] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-20] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin: JFGuide -> C:\Program Files\NetSurveillance\CMS\npGuide.dll [2016-01-12] ()
FF Plugin: JFWeb -> C:\Program Files\NetSurveillance\CMS\npWebPlugin.dll [2014-09-11] ()
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: runtop.com/RTPlayer -> C:\Program Files\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop)
FF Plugin HKU\S-1-5-21-1965394401-2103718357-1127923810-1000: webnp/nsstPlugin -> C:\Users\Ck\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2015-08-08] (webnp)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2009-12-09] (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-04-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-04-13] (Apple Inc.)
FF SearchPlugin: C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\searchplugins\footiefox.xml [2009-12-31]
FF Extension: FootieFox - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2016-04-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-05-31] [ist nicht signiert]
FF Extension: AniWeather - C:\Users\Ck\AppData\Roaming\Mozilla\Firefox\Profiles\6w2vefvb.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-02] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter => nicht gefunden
FF HKU\S-1-5-21-1965394401-2103718357-1127923810-1000\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (YouTube) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (RealDownloader) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Ck\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255904 2012-11-28] (AVM Berlin)
R2 AVMPowerlineService; C:\Program Files\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122272 2012-11-28] (AVM Berlin)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-01-23] (Teruten) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [155488 2013-06-10] (AVM Berlin)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-24] (SolidWorks) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-06] (Disc Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-05-29] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-21 11:04 - 2016-08-21 11:04 - 00001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-08-21 11:04 - 2016-08-21 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-08-21 11:04 - 2016-08-21 11:04 - 00000000 ____D C:\Program Files\VS Revo Group
2016-08-21 11:02 - 2016-08-21 11:02 - 07093624 _____ (VS Revo Group ) C:\Users\Ck\Desktop\revosetup_2.0.exe
2016-08-19 19:42 - 2016-08-21 11:10 - 00000000 ____D C:\Users\Ck\Desktop\FRST-OlderVersion
2016-08-17 22:19 - 2016-08-17 22:19 - 00008582 _____ C:\Users\Ck\Desktop\JRT.txt
2016-08-17 21:52 - 2016-08-18 19:33 - 00000000 ____D C:\AdwCleaner
2016-08-17 21:13 - 2016-08-17 21:13 - 01610560 _____ (Malwarebytes) C:\Users\Ck\Desktop\JRT.exe
2016-08-17 21:09 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 21:08 - 2016-08-17 21:08 - 03784256 _____ C:\Users\Ck\Desktop\AdwCleaner_6.000.exe
2016-08-15 21:29 - 2016-08-15 21:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\Users\Ck\Desktop\mbar
2016-08-15 21:28 - 2016-08-17 20:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-15 21:28 - 2016-08-17 18:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-15 21:28 - 2016-08-17 18:37 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-15 21:27 - 2016-08-15 21:27 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ck\Desktop\mbar-1.09.3.1001.exe
2016-08-15 20:55 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-15 20:55 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-15 20:55 - 2016-08-02 08:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-15 20:55 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-15 20:55 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-15 20:55 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-15 20:55 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-15 20:55 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-15 20:55 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-15 20:55 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-15 20:55 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-15 20:55 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-15 20:55 - 2016-08-02 07:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-15 20:55 - 2016-08-02 07:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-15 20:55 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-15 20:55 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-15 20:55 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-15 20:55 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-15 20:55 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-15 20:55 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-15 20:55 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-15 20:55 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-15 20:55 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-15 20:55 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-15 20:55 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-15 20:55 - 2016-08-02 07:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-15 20:55 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-15 20:55 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-15 20:55 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-15 20:55 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-15 20:55 - 2016-07-08 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-15 20:55 - 2016-07-08 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-15 20:55 - 2016-07-08 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-15 20:55 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-15 20:55 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-15 20:55 - 2016-07-08 16:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-15 20:55 - 2016-07-08 16:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-15 20:55 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-15 20:55 - 2016-07-08 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-15 20:55 - 2016-07-08 16:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-11 20:50 - 2016-08-11 20:56 - 00221242 _____ C:\TDSSKiller.3.1.0.11_11.08.2016_20.50.46_log.txt
2016-08-11 20:29 - 2016-08-19 19:44 - 00074819 _____ C:\Users\Ck\Desktop\Addition.txt
2016-08-11 20:29 - 2016-08-11 20:29 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ck\Desktop\tdsskiller.exe
2016-08-11 20:28 - 2016-08-21 11:11 - 00022063 _____ C:\Users\Ck\Desktop\FRST.txt
2016-08-11 20:28 - 2016-08-21 11:10 - 00000000 ____D C:\FRST
2016-08-11 20:26 - 2016-08-21 11:10 - 01745920 _____ (Farbar) C:\Users\Ck\Desktop\FRST.exe
2016-08-07 21:49 - 2016-08-07 21:49 - 06870919 _____ C:\Users\Ck\Downloads\General_HZXM_IPC_HI3516C_53H20L_S38_V4.02.R11.20150812_ALL.bin
2016-08-07 21:49 - 2016-08-07 21:49 - 04183898 _____ () C:\Users\Ck\Downloads\General_DeviceManage_V2.5.1.0.R.20141023(1).exe
2016-08-07 17:57 - 2016-08-07 17:57 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-04 13:43 - 2016-08-04 13:44 - 00144201 _____ C:\Users\Ck\Downloads\ResetConfig(1).zip
2016-08-04 11:53 - 2016-08-04 11:53 - 00067181 _____ C:\Users\Ck\Downloads\Mitteilung_777964016_vom_30.07.2016_20160804115330.pdf
2016-08-04 11:52 - 2016-08-04 11:52 - 00077226 _____ C:\Users\Ck\Downloads\Kontoauszug_777964016__Nr.0072016_vom_30.07.2016_20160804115248.pdf
2016-08-02 23:23 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 23:23 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-02 23:23 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-02 23:23 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-02 23:23 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-02 23:23 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 23:23 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-23 09:35 - 2016-07-23 09:43 - 00000000 ____D C:\Users\Ck\Desktop\vom S Rechner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-21 11:10 - 2013-05-31 15:45 - 01627884 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-21 11:10 - 2009-07-14 10:47 - 00702602 _____ C:\Windows\system32\perfh007.dat
2016-08-21 11:10 - 2009-07-14 10:47 - 00150242 _____ C:\Windows\system32\perfc007.dat
2016-08-21 11:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-21 11:00 - 2013-08-27 22:54 - 00000000 ___RD C:\Users\Ck\Dropbox
2016-08-21 10:59 - 2013-12-24 16:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-21 10:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-19 20:25 - 2014-02-14 17:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-19 19:57 - 2013-12-24 16:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 19:55 - 2015-07-02 12:04 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000UA.job
2016-08-19 16:55 - 2015-07-02 12:04 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1965394401-2103718357-1127923810-1000Core.job
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 16:47 - 2013-05-31 14:28 - 00019696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 10:37 - 2009-05-29 15:19 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2016-08-18 18:11 - 2015-07-25 13:18 - 00000000 ____D C:\Windows\rescache
2016-08-17 22:02 - 2013-05-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-17 21:50 - 2009-07-14 06:33 - 00462680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 21:23 - 2013-07-13 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-08-17 21:15 - 2013-06-12 08:33 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-17 20:22 - 2013-01-27 16:28 - 00000000 ____D C:\Users\Ck\AppData\Local\ElevatedDiagnostics
2016-08-17 18:34 - 2015-07-02 11:13 - 00000000 ____D C:\Users\Ck\AppData\Local\Avg
2016-08-17 18:34 - 2010-12-05 13:36 - 00000000 ____D C:\ProgramData\MFAData
2016-08-17 18:14 - 2015-11-03 18:04 - 00000000 ____D C:\Users\Ck\AppData\Local\AvgSetupLog
2016-08-17 18:14 - 2013-07-29 19:22 - 00000000 ____D C:\ProgramData\AVG
2016-08-17 18:14 - 2010-12-05 14:05 - 00000000 ____D C:\Program Files\AVG
2016-08-15 21:03 - 2013-12-24 16:34 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 21:50 - 2016-03-30 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Manager
2016-08-07 21:50 - 2014-10-24 12:20 - 00028088 _____ C:\Program Files\Device Manager Setup Log.txt
2016-08-07 21:50 - 2014-10-24 12:20 - 00001921 _____ C:\Users\Ck\Desktop\DeviceManage.lnk
2016-08-07 21:50 - 2014-10-24 12:20 - 00000000 ____D C:\Program Files\Device Manager
2016-08-07 18:25 - 2015-03-10 11:41 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-08-07 17:58 - 2013-08-27 22:51 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Dropbox
2016-08-02 23:56 - 2014-12-17 07:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 23:56 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:40 - 2015-12-03 21:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-26 14:24 - 2009-10-02 17:47 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-23 17:25 - 2009-07-18 19:43 - 00000000 ____D C:\Users\Ck\AppData\Roaming\Winamp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-24 12:20 - 2016-08-07 21:50 - 0028088 _____ () C:\Program Files\Device Manager Setup Log.txt
2014-05-17 08:51 - 2014-06-23 07:14 - 0000000 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2009-07-21 21:13 - 2013-12-06 10:54 - 0000192 _____ () C:\Users\Ck\AppData\Roaming\default.rss
2013-12-24 21:53 - 2014-06-17 19:16 - 0000942 _____ () C:\Users\Ck\AppData\Local\cookies.ini
2013-12-22 15:07 - 2016-06-15 17:46 - 0012800 _____ () C:\Users\Ck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-04 08:02 - 2014-02-04 08:02 - 0000085 ___SH () C:\ProgramData\.zreglib

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ck\CAPITEST.exe


Einige Dateien in TEMP:
====================
C:\Users\Ck\AppData\Local\Temp\avg-ab4dcb36-a3b8-453e-95d0-3f1420a65049.exe
C:\Users\Ck\AppData\Local\Temp\avg-bf27893e-44c6-483e-af63-2236c14e051a.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08130619252.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08156097866.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081642210183.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081744902659.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081845444654.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_081907132559.exe
C:\Users\Ck\AppData\Local\Temp\avguirn_08544418719.exe
C:\Users\Ck\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfipkzx.dll
C:\Users\Ck\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ck\AppData\Local\Temp\NEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ck\AppData\Local\Temp\oi_{8E29BDD6-B734-427A-9492-304AB40FB8F2}.exe
C:\Users\Ck\AppData\Local\Temp\sp_setpoint.exe
C:\Users\Ck\AppData\Local\Temp\stubhelper.dll
C:\Users\Ck\AppData\Local\Temp\uninst1.exe
C:\Users\Ck\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-17 20:15

==================== Ende vom FRST.txt ============================
         
--- --- ---

Antwort

Themen zu IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com
brief, bytefence, compu, computer, crazy, frst.txt, hallo zusammen, hilfe, ircbot, liebe, lieben, secure search, t-com, virut, wieder weg, zusammen



Ähnliche Themen: IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com


  1. Internet [ W-Lan ] laggt total nur an einem bestimmten Computer
    Plagegeister aller Art und deren Bekämpfung - 22.02.2015 (9)
  2. Warscheinlich ist mein PC von einem Rootkit befallen. Wie entferne ich den und wie schütze ich mich richtig?
    Alles rund um Windows - 08.10.2013 (2)
  3. Computer hängt eventuell in einem Bot-Netz
    Plagegeister aller Art und deren Bekämpfung - 21.09.2013 (13)
  4. Hallo, auf einem meiner Rechner hat sich ein Trojaner eingenistet, der den PC sperrt mit der Seite 'Bundesamt für Sicherheit in der Informa
    Log-Analyse und Auswertung - 22.07.2013 (20)
  5. Computer wird in meiner Abwesenheit ferngesteuert. Virus/Malware?
    Plagegeister aller Art und deren Bekämpfung - 09.06.2013 (3)
  6. Mich hats erwischt... wohl etwas mit windows recovery
    Log-Analyse und Auswertung - 04.05.2012 (1)
  7. mich wohl oder übel auch...(TR/Kazy.mekml.1)
    Log-Analyse und Auswertung - 06.05.2011 (1)
  8. TR/Kazy.mekml.1 - Mich hat es wohl auch erwischt!
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (13)
  9. hacked by computername-da hats mich wohl auch erwischt
    Log-Analyse und Auswertung - 13.10.2010 (35)
  10. Brauche Hile bei einem Virus der mich beim Einloggen des WXP Kontos sofort ausloggt
    Plagegeister aller Art und deren Bekämpfung - 28.09.2010 (1)
  11. Internet geht seit kurzem nurnoch auf einem meiner beiden PC`s - Hilfe bitte!
    Plagegeister aller Art und deren Bekämpfung - 03.08.2009 (6)
  12. Chaos im Computer meiner Untermieterin
    Log-Analyse und Auswertung - 12.09.2007 (2)
  13. habe ein problem mit einem trojaner, isomini.exe oder so ähnlich -kenn mich nicht aus
    Log-Analyse und Auswertung - 13.04.2007 (2)
  14. Mich hat es wohl erwischt
    Log-Analyse und Auswertung - 01.12.2005 (1)
  15. Jetzt hat es mich wohl auch erwischt...
    Plagegeister aller Art und deren Bekämpfung - 07.12.2004 (2)
  16. Mich hat's auch wohl erwischt...
    Log-Analyse und Auswertung - 28.10.2004 (8)
  17. Auch mich hats wohl erwischt. :-(
    Log-Analyse und Auswertung - 23.10.2004 (21)

Zum Thema IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com - Hallo zusammen, habe nun den zweiten Brief von der T Com bekommen, das bei mir wohl ein Virus/Tjojaner am Werk ist. Nach Rückruf wurde mir der Name IRCBOT VIRUT genannt. - IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com...
Archiv
Du betrachtest: IRCBot Virut wohl auf einem meiner Computer, informierte mich die T-Com auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.