
Log analysis and evaluation: Mirai botnet, security warning letter from Telekom

27.04.2017, 22:14   #1
inesa394
 



Hello,
I have received a letter (twice) from Telekom with a security warning about my internet connection. When I asked the hotline exactly what kind of threat it was, I was told that I am a member of the Mirai botnet. Since I have several PCs, laptops and mobile phones at home, I wanted to ask how I can get rid of this malware. I have a Fritzbox at home, where the clients can connect to the internet via Wi-Fi or cable.
What I have done so far: Malwarebytes and AdwCleaner, which did find something,
just not in connection with this Mirai bot. Since I received mail for the second time today, I don't know what else can be done.
Hence my request for help here.

Regards, Ines

Can nobody say anything about the Mirai botnet?? And how to get rid of it

28.04.2017, 13:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
What I have done so far: Malwarebytes and AdwCleaner, which did find something
And the logs for that?


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread over several posts.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

29.04.2017, 11:45   #3
inesa394
 



Laptop with Windows 10
AWD
Code:
# AdwCleaner v6.046 - Bericht erstellt am 27/04/2017 um 17:04:28
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-25.1 [Server]
# Betriebssystem : Windows 10 Home  (X86)
# Benutzername : mikelsoft - MIKELSOFT-LAPTO
# Gestartet von : C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\unins000.dat
Datei Gefunden: C:\WINDOWS\unins000.exe
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage-journal


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gjndloejlcbpkholmagjbddfkjmmploh
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - oadboiipflhobonjjffjbfekfjcgkhco
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.orbitdownloader.com/

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1580 Bytes] - [25/10/2015 14:55:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [2796 Bytes] - [22/09/2016 13:05:31]
C:\AdwCleaner\AdwCleaner[C3].txt - [2274 Bytes] - [18/11/2016 17:24:27]
C:\AdwCleaner\AdwCleaner[C4].txt - [2418 Bytes] - [07/04/2017 21:06:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1490 Bytes] - [25/10/2015 14:53:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [4166 Bytes] - [20/09/2016 22:05:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2914 Bytes] - [22/09/2016 13:03:41]
C:\AdwCleaner\AdwCleaner[S4].txt - [2472 Bytes] - [18/11/2016 17:21:39]
C:\AdwCleaner\AdwCleaner[S5].txt - [2616 Bytes] - [07/04/2017 20:33:44]
C:\AdwCleaner\AdwCleaner[S6].txt - [2692 Bytes] - [27/04/2017 17:04:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2765 Bytes] ##########
         
Malwarebytes
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 27.04.2017
Suchlaufzeit: 17:20
Protokolldatei: malwarelaptop.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.04.07.04
Rootkit-Datenbank: v2017.04.02.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x86
Dateisystem: NTFS
Benutzer: mikelsoft

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303808
Abgelaufene Zeit: 43 Min., 51 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.FullTab, C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.fulltabsearch.com_0.localstorage, In Quarantäne, [e759c12dc6e25cdab17f2cd5679a02fe], 
PUP.Optional.FullTab, C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.fulltabsearch.com_0.localstorage-journal, In Quarantäne, [9da39e50367281b5f43c867b54adeb15], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Computer 1 AWD Cleaner
Code:
AdwCleaner v6.045 - Bericht erstellt am 27/04/2017 um 20:55:02
# Aktualisiert am 28/03/2017 von Malwarebytes
# Datenbank : 2017-04-06.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : mikelsoft - ZENTIS
# Gestartet von : C:\Users\mikelsoft\Desktop\AdwCleaner_6.045.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\mikelsoft\AppData\Roaming\Browser-Security
Ordner Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\plugin
Ordner Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\plugin
Ordner Gefunden: C:\Program Files (x86)\Mozilla Firefox\browser\plugin
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh


***** [ Dateien ] *****

Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage-journal


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\Software\CoinisRevShare
Schlüssel Gefunden: HKCU\Software\CoinisRevShare
Schlüssel Gefunden: [x64] HKCU\Software\CoinisRevShare
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gjndloejlcbpkholmagjbddfkjmmploh
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - oadboiipflhobonjjffjbfekfjcgkhco
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.orbitdownloader.com/

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6919 Bytes] - [06/10/2015 12:03:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [3715 Bytes] - [12/01/2016 01:48:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [7587 Bytes] - [06/10/2015 12:01:36]
C:\AdwCleaner\AdwCleaner[S2].txt - [3727 Bytes] - [12/01/2016 01:45:49]
C:\AdwCleaner\AdwCleaner[S3].txt - [3354 Bytes] - [27/04/2017 19:06:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [3104 Bytes] - [27/04/2017 20:55:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [3177 Bytes] ##########
         
Malwarebytes
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.04.17
Scan-Zeit: 18:52
Protokolldatei: malwarezentis.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.96
Version des Aktualisierungspakets: 1.0.1622
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 482749
Abgelaufene Zeit: 2 Min., 40 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 1
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\s768.exe, In Quarantäne, [1472], [180951],1.0.1622

Modul: 2
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\s768.exe, In Quarantäne, [1472], [180951],1.0.1622
PUP.Optional.Elex, C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\WTSAPI32.DLL, In Quarantäne, [7], [315191],1.0.1622

Registrierungsschlüssel: 7
PUP.Optional.BrowserSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, In Quarantäne, [1472], [180951],1.0.1622
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [15], [160059],1.0.1622
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [15], [160059],1.0.1622
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [15], [160059],1.0.1622
PUP.Optional.ProductSetup, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [14560], [242047],1.0.1622
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [84], [-1],0.0.0
PUP.Optional.InstallCore, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\csastats, In Quarantäne, [2], [260986],1.0.1622

Registrierungswert: 6
PUP.Optional.BrowserSecurity, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|safe_urls768, In Quarantäne, [1472], [180951],1.0.1622
PUP.Optional.StartPage, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{BA2C82B0-7FA8-11E4-B4A9-0800200C9A66}, In Quarantäne, [50], [186594],1.0.1622
PUP.Optional.ProductSetup, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\PRODUCTSETUP|TB, In Quarantäne, [14560], [242047],1.0.1622
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [84], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [84], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [84], [-1],0.0.0

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.BrowserSecurity, C:\USERS\MIKELSOFT\APPDATA\ROAMING\Browser-Security, Entfernung fehlgeschlagen, [1472], [180951],1.0.1622
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\jetpack\firefox@browser-security.de\simple-storage, In Quarantäne, [1472], [347817],1.0.1622
PUP.Optional.BrowserSecurity, C:\USERS\MIKELSOFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L6CYWNNT.DEFAULT-1452556399530\JETPACK\FIREFOX@BROWSER-SECURITY.DE, In Quarantäne, [1472], [347817],1.0.1622

Datei: 11
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\data, In Quarantäne, [1472], [180951],1.0.1622
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\license.rtf, In Quarantäne, [1472], [180951],1.0.1622
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\s768.exe, Entfernung fehlgeschlagen, [1472], [180951],1.0.1622
PUP.Optional.BrowserSecurity, C:\Users\mikelsoft\AppData\Roaming\Browser-Security\uninstall.exe, In Quarantäne, [1472], [180951],1.0.1622
PUM.Optional.FireFoxSecurityOverride, C:\USERS\MIKELSOFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\207ME1ZQ.DEFAULT\USER.JS, In Quarantäne, [18799], [302435],1.0.1622
PUM.Optional.FireFoxSecurityOverride, C:\USERS\MIKELSOFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L6CYWNNT.DEFAULT-1452556399530\USER.JS, In Quarantäne, [18799], [302435],1.0.1622
PUP.Optional.BrowserSecurity, C:\USERS\MIKELSOFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L6CYWNNT.DEFAULT-1452556399530\EXTENSIONS\FIREFOX@BROWSER-SECURITY.DE.XPI, In Quarantäne, [1087], [246993],1.0.1622
PUP.Optional.Elex, C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\WTSAPI32.DLL, Entfernung fehlgeschlagen, [7], [315191],1.0.1622
PUP.Optional.Wajam, C:\USERS\MIKELSOFT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_www.technologiestuart.com_0.localstorage, In Quarantäne, [84], [251274],1.0.1622
PUP.Optional.Wajam, C:\USERS\MIKELSOFT\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_www.technologiestuart.com_0.localstorage-journal, In Quarantäne, [84], [251274],1.0.1622

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Computer 2 AWD Cleaner from 27.04
Code:
# AdwCleaner v6.046 - Bericht erstellt am 27/04/2017 um 17:11:28
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-25.1 [Server]
# Betriebssystem : Windows 10 Home  (X86)
# Benutzername : mikelsoft - MIKELSOFT-PC
# Gestartet von : C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\unins000.dat
Datei Gefunden: C:\WINDOWS\unins000.exe
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage-journal


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - websearch.ask.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - r
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.conduit.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - mystart.incredimail.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gjndloejlcbpkholmagjbddfkjmmploh
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - oadboiipflhobonjjffjbfekfjcgkhco
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.orbitdownloader.com/

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8258 Bytes] - [07/04/2017 20:15:18]
C:\AdwCleaner\AdwCleaner[R0].txt - [4895 Bytes] - [14/09/2013 19:56:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [4961 Bytes] - [14/09/2013 19:57:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [7448 Bytes] - [07/04/2017 20:10:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [2791 Bytes] - [27/04/2017 17:11:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2864 Bytes] ##########
         
and from 7.04 AWD Cleaner
Code:
# AdwCleaner v6.045 - Bericht erstellt am 07/04/2017 um 20:10:53
# Aktualisiert am 28/03/2017 von Malwarebytes
# Datenbank : 2017-04-06.1 [Server]
# Betriebssystem : Windows 10 Home  (X86)
# Benutzername : mikelsoft - MIKELSOFT-PC
# Gestartet von : C:\Users\mikelsoft\Desktop\AdwCleaner_6.045.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\ProgramData\1WinManPro1
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\YSearchUtil
Ordner Gefunden: C:\Users\mikelsoft\AppData\Roaming\FoxTab
Ordner Gefunden: C:\ProgramData\IHProtectUpDate
Ordner Gefunden: C:\Program Files\Yahoo!\yset
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Temp\DMR
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco
Ordner Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg


***** [ Dateien ] *****

Datei Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Datei Gefunden: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi
Datei Gefunden: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
Datei Gefunden: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
Datei Gefunden: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\Search Provided by Yahoo.xml
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage-journal
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oadboiipflhobonjjffjbfekfjcgkhco_0.localstorage
Datei Gefunden: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kofkpgiaknijknhajbhnghkodiccblkg_0.localstorage


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
Schlüssel Gefunden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\windowsmangerprotect
Schlüssel Gefunden: HKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027}
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1F91A9A1-01BA-4C81-863D-3BA0751E1419}]
Schlüssel Gefunden: HKU\.DEFAULT\Software\AskToolbar
Schlüssel Gefunden: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Software\BoBrowser
Schlüssel Gefunden: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Software\InstallCore
Schlüssel Gefunden: HKU\S-1-5-18\Software\AskToolbar
Schlüssel Gefunden: HKCU\Software\BoBrowser
Schlüssel Gefunden: HKCU\Software\InstallCore
Schlüssel Gefunden: HKLM\SOFTWARE\Clara
Schlüssel Gefunden: HKLM\SOFTWARE\FFPluginHp
Schlüssel Gefunden: HKLM\SOFTWARE\IHProtect
Schlüssel Gefunden: HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gefunden: HKLM\SOFTWARE\SupDp
Schlüssel Gefunden: HKLM\SOFTWARE\SupTab
Schlüssel Gefunden: HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden: HKLM\SOFTWARE\SUPDP
Schlüssel Gefunden: HKLM\SOFTWARE\SUPTAB
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
Schlüssel Gefunden: HKCU\Software\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
Schlüssel Gefunden: HKLM\SOFTWARE\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg


***** [ Internetbrowser ] *****

Firefox pref Gefunden: [C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js] - "browser.search.defaultenginename" -  "Search Provided by Yahoo"
Firefox pref Gefunden: [C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js] - "browser.search.selectedEngine" -  "Search Provided by Yahoo"
Firefox pref Gefunden: [C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js] - "extensions.quick_start.enable_search1" -  false
Firefox pref Gefunden: [C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js] - "extensions.quick_start.sd.closeWindowWithLastTab_prev_state" -  false
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Chromium\User Data\Default\Web data] - search provided by yahoo
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Chromium\User Data\Default\Secure Preferences] - hxxps://de.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_20_orgnl&param1=1&param2=f%3D7%26b%3Dchmm%2
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - kofkpgiaknijknhajbhnghkodiccblkg
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - hxxps://de.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_20_orgnl&param1=1&param2=f%3D1%26b%3Dchmm%
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - websearch.ask.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - r
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.conduit.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Web data] - mystart.incredimail.com
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gjndloejlcbpkholmagjbddfkjmmploh
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - kofkpgiaknijknhajbhnghkodiccblkg
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - oadboiipflhobonjjffjbfekfjcgkhco
Chrome pref Gefunden: [C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.orbitdownloader.com/

*************************

C:\AdwCleaner\AdwCleaner[R0].txt - [4895 Bytes] - [14/09/2013 19:56:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [4961 Bytes] - [14/09/2013 19:57:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [7296 Bytes] - [07/04/2017 20:10:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7369 Bytes] ##########
         
Scan from Malwarebytes
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.04.17
Scan-Zeit: 20:45
Protokolldatei: mmalwarewohn.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.96
Version des Aktualisierungspakets: 1.0.1682
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x86
Dateisystem: NTFS
Benutzer: MIKELSOFT-PC\mikelsoft

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 480721
Abgelaufene Zeit: 24 Min., 34 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Ersetzt, [13884], [292819],1.0.1682

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\USERS\MIKELSOFT\APPDATA\LOCAL\{1EB528E9-3A1D-4451-5785-61B973ED9D21}, In Quarantäne, [75], [302717],1.0.1682

Datei: 16
PUP.Optional.OpenCandy, C:\USERS\MIKELSOFT\DOWNLOADS\DTLITE4491-0356.EXE, In Quarantäne, [469], [297667],1.0.1682
PUP.Optional.WinYahoo, C:\USERS\MIKELSOFT\APPDATA\LOCAL\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HOWTOREMOVE\HOWTOREMOVE.HTML, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\chromium-min.jpg, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\down.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\ff menu.JPG, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\ff search engine-min.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\hp-min ff.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\hp-min ie.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\search engine.gif, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\setup pages.gif, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\sp-min.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\start-min.jpg, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\HowToRemove\up.png, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.WinYahoo, C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}\coda, In Quarantäne, [75], [302717],1.0.1682
PUP.Optional.OpenCandy, C:\USERS\MIKELSOFT\DOWNLOADS\MEDIAINFO_GUI_0.7.76_WINDOWS.EXE, Keine Aktion durch Benutzer, [469], [297667],1.0.1682

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
I also have computers running Linux; these include 1 NAS, 1 Ubuntu FHEM server,
3 Raspberry Pi
In addition, various smart home things (camera, door locks, Sonos, Alexa, HomeMatic, etc.) that can connect to the Wi-Fi

Ines

29.04.2017, 14:24   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)




__________________
Please always post log files in CODE tags

29.04.2017, 20:19   #5
inesa394
 



Laptop

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2017
durchgeführt von mikelsoft (Administrator) auf MIKELSOFT-LAPTO (29-04-2017 19:43:22)
Gestartet von C:\Users\mikelsoft\Desktop
Geladene Profile: mikelsoft (Verfügbare Profile: mikelsoft)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Bluetooth Suite\AdminService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\BidCoS Service\rfd.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Repetier-Server\bin\RepetierServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Amazon Services LLC) C:\Users\mikelsoft\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Emurasoft, Inc.) C:\Program Files\EmEditor\emedtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\No-IP\ducservice.exe
() C:\Program Files\Lenovo\System Update\UNCServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Martin Prikryl) C:\Program Files\WinSCP\WinSCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\MyHarmony.exe
() C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\MyHarmony.exe
() C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\MyHarmony.exe
() C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\MyHarmony.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [28344536 2017-04-26] (Dropbox, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3519144 2015-06-19] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2017-03-28] (Microsoft Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Rootkit (cleanup)] => C:\ProgramData\Malwarebytes' Anti-Malware (portable)\mbamdor.exe [54072 2015-09-10] (Malwarebytes Corporation)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Run: [Amazon Music] => C:\Users\mikelsoft\AppData\Local\Amazon Music\Amazon Music Helper.exe [3694056 2017-02-01] (Amazon Services LLC)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Run: [GoogleChromeAutoLaunch_EEFE44D0258C3D0E520D3E68631825C9] => C:\Program Files\Google\Chrome\Application\chrome.exe [941912 2017-03-29] (Google Inc.)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\MountPoints2: {5e71a359-1bc5-11e7-947c-d05349decf76} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\MountPoints2: {99c470a0-cd2a-11e6-945b-d05349decf76} - "D:\HiSuiteDownLoader.exe" 
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
Startup: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk [2016-07-21]
ShortcutTarget: EmEditor.lnk -> C:\Program Files\EmEditor\emedtray.exe (Emurasoft, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5f9c7367-c98f-4327-af9c-709124af5686}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-2548902348-863574374-2724880110-1000 -> {8FD69A31-5D65-4640-B4F2-581773455D2D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-28] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: rthaolbz.default
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default [2017-04-27]
FF Homepage: Mozilla\Firefox\Profiles\rthaolbz.default -> www.google.de
FF Session Restore: Mozilla\Firefox\Profiles\rthaolbz.default -> ist aktiviert.
FF Extension: (Google Translator for Firefox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\translator@zoli.bod.xpi [2017-02-18]
FF Extension: (Flagfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-04-21]
FF Extension: (PDF Download) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-28]
FF Extension: (Download Status Bar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-10-06]
FF Extension: (NoScript) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-26]
FF Extension: (Live HTTP headers) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-28]
FF Extension: (ImTranslator) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-01-06]
FF Extension: (WOT) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-09]
FF Extension: (DownThemAll!) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-06]
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Gapminder Foundation\Gapminder World\Profiles\v8se7xom.default [2017-04-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2015-09-07] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.orbitdownloader.com/
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f056386a-ace8-4385-b788-b001646a9ec1&searchtype=hp&installDate=20/05/2013","hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1438291744&z=835a089035872680a155b5eg1zfcbb0odtdofe7oeq&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.istartsurf.com/?type=hppp&ts=1438291805&z=396efe5531988c07fea5102g8z3c4bfo6t8o8e4beb&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.google.com"
CHR Profile: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default [2017-04-29]
CHR Extension: (Google*Übersetzer) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-02-14]
CHR Extension: (Google Präsentationen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-22]
CHR Extension: (h264ify) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-05-16]
CHR Extension: (Google Docs) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-22]
CHR Extension: (Google Drive) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-16]
CHR Extension: (TV) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2016-02-14]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-16]
CHR Extension: (YouTube) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-23]
CHR Extension: (Adblock für Youtube™) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-04-20]
CHR Extension: (Google-Suche) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (XJZ Survey Remover) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh [2016-02-14]
CHR Extension: (Google Tabellen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-22]
CHR Extension: (TabSaver) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmjkkhoegfianolbdbceddpgnidbfpmo [2017-04-27]
CHR Extension: (Uhr) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2016-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (IP-Adresse) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh [2017-04-27]
CHR Extension: (In Google Drive speichern) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-02-14]
CHR Extension: (Advanced REST client) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2017-02-25]
CHR Extension: (Google Play Music) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-09]
CHR Extension: (Chrome to Mobile) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2016-02-14]
CHR Extension: (Dropbox) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-14]
CHR Extension: (eBay für Chrome) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-11-27]
CHR Extension: (Yahoo Partner) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2016-11-07]
CHR Extension: (Erweiterte Startseite) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2016-02-14]
CHR Extension: (Skype) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-12]
CHR Extension: (Google Maps) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-14]
CHR Extension: (Codebender App) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\magknjdfniglanojbpadmpjlglepnlko [2016-07-21]
CHR Extension: (Google Mail-Checker) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-02-14]
CHR Extension: (Downloads) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-04-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Picasa) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-14]
CHR Extension: (Google Mail) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-16]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2548902348-863574374-2724880110-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [279120 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 BidCoS-Service; C:\Program Files\BidCoS Service\rfd.exe [598016 2015-12-07] () [Datei ist nicht signiert]
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [283024 2015-06-08] (Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42288 2017-04-26] (Dropbox, Inc.)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [24064 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [84480 2016-07-15] (Microsoft Corporation)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2016-11-25] () [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [297872 2015-06-08] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [33696 2015-08-13] ()
R2 NoIPDUCService4; C:\Program Files\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R2 RepetierServer; C:\Program Files\Repetier-Server\bin\RepetierServer.exe [5940584 2016-11-27] ()
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [734400 2015-08-13] (@ByELDI) [Datei ist nicht signiert]
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [276992 2016-07-15] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [213504 2016-07-15] (Microsoft Corporation)
S4 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28544 2016-07-07] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208552 2015-06-19] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [55808 2015-02-17] (Code Sector) [Datei ist nicht signiert]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2017-03-28] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [709120 2016-07-15] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2017-03-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ACPIVPC; C:\WINDOWS\System32\drivers\AcpiVpc.sys [36176 2015-08-22] (Lenovo Corporation)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [23424 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [24064 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [28672 2016-03-02] (LG Electronics Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Qualcomm Atheros)
S3 CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [41472 2015-02-06] (www.winchiphead.com)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [96464 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [74864 2016-10-04] ()
S3 HWiNFO32; C:\Users\mikelsoft\AppData\Local\Temp\HWiNFO32.SYS [23840 2017-04-26] (REALiX(tm)) <==== ACHTUNG
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel Corporation)
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [12800 2016-07-16] (Microsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [42592 2017-01-28] (hxxp://libusb-win32.sourceforge.net)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [94936 2017-04-28] (Malwarebytes)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [161056 2015-06-12] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
S3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1824256 2016-07-16] (MediaTek Inc.)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77136 2016-12-15] (Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77136 2016-12-15] (Insecure.Com LLC.)
R1 npf; C:\WINDOWS\system32\DRIVERS\npf.sys [77136 2016-12-15] (Insecure.Com LLC.)
S4 npf_wifi; C:\WINDOWS\system32\DRIVERS\npf.sys [77136 2016-12-15] (Insecure.Com LLC.)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [39456 2015-09-25] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [214560 2015-09-25] (QUALCOMM Incorporated)
U0 rjaty; C:\WINDOWS\System32\drivers\imofugc.sys [52440 2017-04-28] (Malwarebytes Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek                                            )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [301824 2015-08-23] (Realsil Semiconductor Corporation)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [16128 2014-11-25] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\system32\DRIVERS\silabser.sys [462432 2015-11-25] (Silicon Laboratories Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-06-19] (Synaptics Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R3 teamviewervpn; C:\WINDOWS\System32\drivers\teamviewervpn.sys [25088 2015-06-18] (TeamViewer GmbH)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [33016 2015-10-07] (USBPcap)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [102968 2016-07-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [165880 2016-07-18] (Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [516264 2016-10-20] (IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2016-11-25] (Huawei Technologies Co., Ltd.)
U3 idsvc; kein ImagePath
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 19:43 - 2017-04-29 19:44 - 00031935 _____ C:\Users\mikelsoft\Desktop\FRST.txt
2017-04-29 10:47 - 2017-04-29 10:47 - 00000000 ____D C:\Users\mikelsoft\Desktop\FRST-OlderVersion
2017-04-28 23:59 - 2017-04-28 23:59 - 00004096 _____ C:\WINDOWS\SECOH-QAD.exe
2017-04-28 13:25 - 2017-04-28 13:25 - 00052440 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\imofugc.sys
2017-04-28 06:27 - 2017-04-28 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-28 06:26 - 2017-04-28 13:25 - 00000000 ____D C:\Users\mikelsoft\Desktop\mbar
2017-04-27 17:27 - 2017-04-27 17:27 - 00000816 _____ C:\Users\mikelsoft\Desktop\JRTold.txt
2017-04-27 16:58 - 2017-04-27 16:57 - 04102600 _____ C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
2017-04-27 16:48 - 2017-04-27 16:48 - 00001260 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-27 15:51 - 2017-04-27 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\mikelsoft\Desktop\OTL.exe
2017-04-27 14:18 - 2017-04-27 14:24 - 00130924 _____ C:\WINDOWS\Minidump\042717-49015-01.dmp
2017-04-27 06:11 - 2017-04-27 06:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-26 20:02 - 2017-04-26 20:02 - 00042288 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-26 13:02 - 2017-04-26 13:03 - 00000000 ___HD C:\$WINDOWS.~BT
2017-04-26 11:38 - 2017-04-26 12:59 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-04-26 11:38 - 2017-04-26 11:38 - 00001191 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.7.2.lnk
2017-04-26 11:38 - 2017-04-26 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-04-25 11:38 - 2017-04-25 11:44 - 00281612 _____ C:\WINDOWS\Minidump\042517-42234-01.dmp
2017-04-22 21:49 - 2017-04-22 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-04-22 21:36 - 2017-04-23 22:44 - 00000000 ____D C:\xampp
2017-04-18 19:00 - 2017-04-18 19:02 - 00281780 _____ C:\WINDOWS\Minidump\041817-34125-01.dmp
2017-04-18 14:55 - 2017-04-18 14:55 - 00000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2017-04-18 14:55 - 2017-04-18 14:55 - 00000000 ___RD C:\WINDOWS\WebManagement
2017-04-18 14:55 - 2016-07-15 18:45 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2017-04-18 14:55 - 2016-07-15 18:45 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2017-04-18 14:55 - 2016-07-15 18:44 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2017-04-18 14:55 - 2016-07-15 18:43 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2017-04-18 14:55 - 2016-07-15 18:42 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2017-04-18 14:55 - 2016-07-15 18:42 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2017-04-18 14:55 - 2016-07-15 18:42 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2017-04-18 14:55 - 2016-07-15 18:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2017-04-18 14:55 - 2016-07-15 18:41 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2017-04-18 14:55 - 2016-07-15 18:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2017-04-18 14:55 - 2016-07-15 18:39 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2017-04-18 14:55 - 2016-07-15 18:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2017-04-18 14:44 - 2017-04-18 14:49 - 00281756 _____ C:\WINDOWS\Minidump\041817-32656-01.dmp
2017-04-16 14:48 - 2017-04-16 14:51 - 00281604 _____ C:\WINDOWS\Minidump\041617-39015-01.dmp
2017-04-12 22:07 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 22:07 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 22:07 - 2017-03-28 07:58 - 00240992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 22:07 - 2017-03-28 07:52 - 01966944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 22:07 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 22:07 - 2017-03-28 07:41 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 22:07 - 2017-03-28 07:40 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 22:07 - 2017-03-28 07:40 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 22:07 - 2017-03-28 07:39 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 22:07 - 2017-03-28 07:39 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 22:07 - 2017-03-28 07:38 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 22:07 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 22:07 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-04-12 22:07 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 22:07 - 2017-03-28 07:34 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 22:07 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-04-12 22:07 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 22:07 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 22:07 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 22:07 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 22:07 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 22:07 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-04-12 22:07 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-04-12 22:07 - 2017-03-28 07:24 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 22:07 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 22:07 - 2017-03-28 07:15 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 22:07 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 22:07 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 22:07 - 2017-03-28 07:13 - 01486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 22:07 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 22:07 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 22:07 - 2017-03-28 07:11 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 22:07 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-04-12 22:07 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 22:07 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-04-12 22:06 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 22:06 - 2017-03-28 08:59 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 22:06 - 2017-03-28 08:21 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-04-12 22:06 - 2017-03-28 08:20 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 22:06 - 2017-03-28 08:19 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 22:06 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 22:06 - 2017-03-28 08:13 - 00950624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 22:06 - 2017-03-28 08:05 - 01896800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 22:06 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 22:06 - 2017-03-28 08:05 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 22:06 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 22:06 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 22:06 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 22:06 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 22:06 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 22:06 - 2017-03-28 07:53 - 01412128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 22:06 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 22:06 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 22:06 - 2017-03-28 07:45 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 22:06 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 22:06 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-04-12 22:06 - 2017-03-28 07:39 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 22:06 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 22:06 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\apds.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 22:06 - 2017-03-28 07:35 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 22:06 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 22:06 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 22:06 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 22:06 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 22:06 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 22:06 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 22:06 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 22:06 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 22:06 - 2017-03-28 07:22 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 22:06 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-04-12 22:06 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 22:06 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 22:06 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 22:06 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 03596288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 22:06 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 22:06 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 22:06 - 2017-03-28 07:09 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 22:06 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 22:06 - 2017-03-18 19:28 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 22:06 - 2017-03-18 19:02 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 22:06 - 2017-03-18 18:59 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 22:06 - 2017-03-18 18:45 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 22:06 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 22:05 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-04-12 22:05 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 22:05 - 2017-03-28 08:14 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 22:05 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 22:05 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 22:05 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 22:05 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 22:05 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-04-12 22:05 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 22:05 - 2017-03-28 07:39 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 22:05 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 22:05 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 22:05 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-04-12 22:05 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-04-12 22:05 - 2017-03-28 07:35 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 22:05 - 2017-03-28 07:34 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 22:05 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 22:05 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 22:05 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 22:05 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 22:05 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-04-12 22:05 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 22:05 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 22:05 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 22:05 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 22:05 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 22:05 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 22:05 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-04-12 22:05 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-04-12 22:05 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 22:05 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 22:05 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 22:05 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 22:05 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 21:09 - 2017-04-12 21:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Logitech
2017-04-12 21:08 - 2017-04-12 21:08 - 00000320 _____ C:\Users\mikelsoft\Desktop\MyHarmony.appref-ms
2017-04-12 21:08 - 2017-04-12 21:08 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-12 21:07 - 2017-04-28 13:45 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Deployment
2017-04-11 21:24 - 2017-04-11 21:24 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Gapminder Foundation
2017-04-11 21:24 - 2017-04-11 21:24 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Gapminder Foundation
2017-04-11 21:21 - 2017-04-11 21:21 - 00001165 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-04-11 21:21 - 2017-04-11 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-04-11 21:20 - 2017-04-11 21:21 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-04-11 21:19 - 2017-04-11 21:19 - 00001263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gapminder World.lnk
2017-04-11 21:19 - 2017-04-11 21:19 - 00001251 _____ C:\Users\Public\Desktop\Gapminder World.lnk
2017-04-11 21:19 - 2017-04-11 21:19 - 00000000 ____D C:\Program Files\Gapminder World
2017-04-08 14:14 - 2017-04-08 14:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-04-08 14:06 - 2017-04-08 14:06 - 00001018 _____ C:\Users\Public\Desktop\HiSuite.lnk
2017-04-08 14:06 - 2017-04-08 14:06 - 00000000 ____D C:\Users\mikelsoft\Documents\HiSuite
2017-04-08 14:06 - 2017-04-08 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2017-04-08 14:05 - 2017-04-08 14:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Hisuite
2017-04-08 14:05 - 2017-04-08 14:06 - 00000000 ____D C:\Program Files\HiSuite
2017-04-08 14:05 - 2016-11-25 08:15 - 01837296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 00249856 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00112512 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00015360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2017-04-07 17:25 - 2017-04-27 17:22 - 01663672 _____ (Malwarebytes) C:\Users\mikelsoft\Desktop\JRT.exe
2017-04-07 17:24 - 2017-04-07 17:28 - 00065993 _____ C:\Users\mikelsoft\Desktop\Additionold.txt
2017-04-07 17:22 - 2017-04-29 19:43 - 00000000 ____D C:\FRST
2017-04-07 17:22 - 2017-04-07 17:28 - 00099866 _____ C:\Users\mikelsoft\Desktop\FRSTold.txt
2017-04-07 17:18 - 2017-04-29 10:47 - 01768448 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 19:09 - 2016-08-19 18:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-29 12:32 - 2015-08-22 19:40 - 00000000 ____D C:\download
2017-04-29 12:09 - 2015-08-23 10:02 - 00000000 ____D C:\my download
2017-04-29 12:07 - 2016-09-20 11:26 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-29 10:34 - 2015-08-23 23:30 - 00000600 _____ C:\Users\mikelsoft\AppData\Local\PUTTY.RND
2017-04-28 19:41 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-28 13:25 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Resources
2017-04-28 06:26 - 2016-09-20 11:24 - 00094936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-04-27 21:07 - 2016-12-02 20:26 - 00000000 ____D C:\Users\mikelsoft\AppData\LocalLow\Mozilla
2017-04-27 20:59 - 2016-02-14 19:26 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-04-27 19:24 - 2016-04-11 14:19 - 00000000 ___RD C:\Users\mikelsoft\Dropbox
2017-04-27 19:21 - 2017-02-26 21:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-27 19:21 - 2016-08-19 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-27 19:21 - 2015-08-22 21:46 - 00000000 __SHD C:\Users\mikelsoft\IntelGraphicsProfiles
2017-04-27 18:12 - 2016-07-16 04:22 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-27 17:56 - 2015-08-23 22:29 - 00000000 ____D C:\Program Files\TeamViewer
2017-04-27 17:30 - 2015-08-22 21:18 - 00000600 _____ C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2017-04-27 17:14 - 2016-08-19 18:09 - 00000000 ____D C:\Users\mikelsoft
2017-04-27 17:13 - 2016-09-15 19:17 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-27 17:13 - 2015-10-25 14:53 - 00000000 ____D C:\AdwCleaner
2017-04-27 16:55 - 2016-10-16 11:59 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Atlassian
2017-04-27 16:55 - 2016-10-16 11:56 - 00000000 ____D C:\ProgramData\Atlassian
2017-04-27 16:48 - 2016-09-20 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-27 16:45 - 2016-03-11 14:53 - 00380928 _____ C:\Users\mikelsoft\Desktop\gmer.exe
2017-04-27 15:17 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-27 14:30 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-27 14:18 - 2016-09-22 17:12 - 459242511 _____ C:\WINDOWS\MEMORY.DMP
2017-04-27 14:18 - 2016-08-23 13:27 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-27 06:12 - 2016-04-11 14:09 - 00000000 ____D C:\Program Files\Dropbox
2017-04-26 13:03 - 2016-08-19 19:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-26 13:03 - 2016-08-19 18:31 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2017-04-26 13:03 - 2016-08-19 18:31 - 00001908 _____ C:\WINDOWS\diagerr.xml
2017-04-26 12:53 - 2017-02-26 20:18 - 00000000 ____D C:\Users\mikelsoft\Downloads\Intel Components
2017-04-26 11:38 - 2015-08-22 21:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-26 11:21 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2017-04-24 12:12 - 2015-09-26 05:59 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2017-04-24 12:10 - 2017-02-15 01:10 - 00001974 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-04-24 12:10 - 2015-09-26 06:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-04-24 12:10 - 2015-09-26 06:00 - 00000000 ____D C:\Program Files\Sonos
2017-04-24 12:10 - 2015-09-26 05:59 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Downloaded Installations
2017-04-24 12:03 - 2015-08-22 21:05 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP
2017-04-22 14:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 14:43 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-20 22:38 - 2015-10-21 20:54 - 00000000 ____D C:\Users\mikelsoft\.zenmap
2017-04-19 22:30 - 2015-08-22 21:07 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2017-04-19 22:30 - 2015-08-22 21:07 - 00001104 _____ C:\Users\Public\Desktop\WinSCP.lnk
2017-04-19 22:30 - 2015-08-22 21:07 - 00000000 ____D C:\Program Files\WinSCP
2017-04-18 19:31 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2017-04-15 11:47 - 2016-07-16 19:27 - 00945224 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-15 11:47 - 2016-07-16 19:27 - 00218010 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-15 11:47 - 2015-08-22 22:41 - 02335380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-13 19:11 - 2015-08-22 22:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 19:08 - 2016-08-23 15:15 - 00270160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 19:08 - 2015-08-27 13:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 22:35 - 2015-08-22 23:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 22:27 - 2015-08-27 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-12 22:27 - 2015-08-22 23:04 - 145733648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 13:57 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-09 12:36 - 2015-08-22 20:57 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-06 16:36 - 2015-08-22 21:25 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 16:36 - 2015-08-22 21:25 - 00002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-01 20:52 - 2016-10-14 14:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-10-14 14:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-15 01:11 - 2017-02-15 01:11 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\1c03d32c-a102-4688-8343-028b0b725a54.storage
2017-02-17 14:44 - 2017-02-17 14:44 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\744c8c86-fbb3-43ee-b2fb-910e33acb9a7.storage
2016-07-17 16:22 - 2016-07-17 20:20 - 0000069 _____ () C:\Users\mikelsoft\AppData\Roaming\advinator.ini
2016-01-30 21:22 - 2016-07-17 20:20 - 0012670 _____ () C:\Users\mikelsoft\AppData\Roaming\advo.tmp
2016-01-29 22:24 - 2016-01-10 11:52 - 0533504 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\mikelsoft\AppData\Roaming\curlchk.exe
2016-07-20 11:45 - 2016-10-29 14:01 - 0002194 _____ () C:\Users\mikelsoft\AppData\Roaming\emm_times.ini
2016-02-02 20:57 - 2016-02-03 15:05 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\ftp.bmp
2016-02-02 20:58 - 2016-02-03 15:04 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\loc.bmp
2016-07-17 16:43 - 2016-07-17 16:43 - 0000069 _____ () C:\Users\mikelsoft\AppData\Roaming\observator.ini
2016-01-30 20:12 - 2016-01-30 19:23 - 0360448 _____ (Simon Tatham) C:\Users\mikelsoft\AppData\Roaming\psftp.exe
2016-02-02 20:29 - 2016-02-03 15:08 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\ssh.bmp
2016-05-11 07:57 - 2016-05-11 07:57 - 0001510 _____ () C:\Users\mikelsoft\AppData\Roaming\tiers3.dat
2015-08-22 21:18 - 2017-04-27 17:30 - 0000600 _____ () C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2015-08-23 23:30 - 2017-04-29 10:34 - 0000600 _____ () C:\Users\mikelsoft\AppData\Local\PUTTY.RND
2016-02-12 22:11 - 2016-02-12 22:11 - 0000218 _____ () C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2015-08-22 19:40 - 2015-08-22 19:42 - 0013972 _____ () C:\Users\mikelsoft\AppData\Local\WiDiSetupLog.20150822.194042.wdl
2017-02-14 13:46 - 2017-02-14 13:46 - 0000000 _____ () C:\Users\mikelsoft\AppData\Local\zenmap.exe.log
2016-08-19 18:05 - 2016-08-19 18:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\mikelsoft\AppData\Local\Temp\gkey.exe
2016-10-20 19:26 - 2016-10-20 19:26 - 2458672 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\mikelsoft\AppData\Local\Temp\libeay32.dll
2016-10-20 19:26 - 2016-10-20 19:26 - 0970912 _____ (Microsoft Corporation) C:\Users\mikelsoft\AppData\Local\Temp\msvcr120.dll
2015-03-02 14:25 - 2015-03-02 14:25 - 0027648 _____ () C:\Users\mikelsoft\AppData\Local\Temp\pkeyui.exe
2016-10-20 19:26 - 2016-10-20 19:26 - 0772672 _____ () C:\Users\mikelsoft\AppData\Local\Temp\sqlite3.dll
2015-03-01 19:09 - 2017-04-20 13:20 - 0048848 _____ () C:\Users\mikelsoft\AppData\Local\Temp\wabk.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG

LastRegBack: 2017-04-22 18:45

==================== Ende vom FRST.txt ============================
         


Alt 29.04.2017, 20:20   #6
inesa394
 



Laptop
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-04-2017
durchgeführt von mikelsoft (29-04-2017 19:45:45)
Gestartet von C:\Users\mikelsoft\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-08-19 16:34:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2548902348-863574374-2724880110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2548902348-863574374-2724880110-503 - Limited - Disabled)
Gast (S-1-5-21-2548902348-863574374-2724880110-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2548902348-863574374-2724880110-1006 - Limited - Enabled)
inesa (S-1-5-21-2548902348-863574374-2724880110-1003 - Limited - Enabled)
mikelsoft (S-1-5-21-2548902348-863574374-2724880110-1000 - Administrator - Enabled) => C:\Users\mikelsoft
Sonos (S-1-5-21-2548902348-863574374-2724880110-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (Version: 2.7.2.4 - Intel) Hidden
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\{E38C529D-DD73-4002-8489-E09CEBD9BF32}) (Version: 12.2.0.162 - Adobe Systems, Inc)
AIMP (HKLM\...\AIMP) (Version: v4.10.1827, 08.08.2016 - AIMP DevTeam)
Air Monitor 2.44.0 (HKLM\...\REHAU Air Monitor_is1) (Version:  - )
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.4.0 - Sereby Corporation)
Amazon Music (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Arduino (HKLM\...\Arduino) (Version: 1.6.10 - Arduino LLC)
AVR Burn-O-Mat 2.1.2 (HKLM\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
BidCoS Service (HKLM\...\BidCoS Service) (Version: 1.520.0 - eQ-3 Entwicklung GmbH)
BidCoS Service (Version: 1.520.0 - eQ-3 Entwicklung GmbH) Hidden
calibre (HKLM\...\{C94D271E-A338-48CD-A4F6-F031E928BC1F}) (Version: 2.80.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CrystalDiskInfo 7.0.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
Cura 15.04.6 (HKLM\...\Cura_15.04.6) (Version:  - )
Cura 2.4 (HKLM\...\Cura 2.4) (Version: 2.4.0-BETA - Ultimaker)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Dropbox (HKLM\...\Dropbox) (Version: 24.4.17 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.6.4 - CM&V)
EmEditor (32-bit) (HKLM\...\{CA360FEE-642A-4BDE-8C17-10950C90FF7E}) (Version: 16.1.1 - Emurasoft, Inc.)
Eye4 1.3.0.87 (HKLM\...\{DE24BB52-3A46-4ED1-8E57-41E724F6BC74}_is1) (Version:  - Shenzhen VStarcam Technology Co., Ltd)
FileZilla Client 3.19.0 (HKLM\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel)
FreeFileSync 7.8 (HKLM\...\FreeFileSync) (Version: 7.8 - www.FreeFileSync.org)
Gapminder World 0.0.7 (x86 en-US) (HKLM\...\Gapminder World 0.0.7 (x86 en-US)) (Version: 0.0.7 - Gapminder Foundation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HM-1X_Aid_v01 (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\eb209edbb3db51c1) (Version: 1.0.0.1 - HM-1X_Aid_v01)
HomeMatic Config (HKLM\...\HomeMatic Config) (Version: 1.520.0 - eQ-3 Entwicklung GmbH)
HomeMatic Config (Version: 1.520.0 - eQ-3 Entwicklung GmbH) Hidden
HomeMatic Firmware Update Tool (HKLM\...\HomeMatic Firmware Update Tool) (Version: 1.2 - eQ-3 Entwicklung GmbH)
HomeMatic Firmware Update Tool (Version: 1.2 - eQ-3 Entwicklung GmbH) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Kodi (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Kodi) (Version:  - XBMC-Foundation)
Lenovo EasyCamera (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo System Interface Foundation (HKLM\...\{884BAF97-AC8D-463E-846A-47DD41866A19}) (Version: 1.0.044.00 - Lenovo)
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0032 - Lenovo)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LibreOffice 5.3.2.2 (HKLM\...\{8DA98699-6AD4-49CF-A9A0-B5E7B7981BE6}) (Version: 5.3.2.2 - The Document Foundation)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
moDiag 2.8.602 (HKLM\...\moDiag_is1) (Version: 2.8.602 - Matthias Tieben)
Mozilla Firefox 51.0 (x86 de) (HKLM\...\Mozilla Firefox 51.0 (x86 de)) (Version: 51.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0 - Mozilla)
MPC-HC 1.7.9 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 - MPC-HC Team)
MyHarmony (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Nmap 7.40 (HKLM\...\Nmap) (Version: 7.40 - )
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Npcap 0.78 r5 (HKLM\...\NpcapInst) (Version: 0.78 r5 - Nmap Project)
OpenVPN 2.3.12-I602  (HKLM\...\OpenVPN) (Version: 2.3.12-I602 - )
Oracle VM VirtualBox 5.0.26 (HKLM\...\{7A5DA8D4-D4C7-4E60-A4F6-053B7B745901}) (Version: 5.0.26 - Oracle Corporation)
PuTTY release 0.68 (HKLM\...\{55717628-7AE6-4BCF-A046-FA2768945E76}) (Version: 0.68.0.0 - Simon Tatham)
Python 2.7.12 (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (HKLM\...\{A76CC483-4AAB-4DDF-9920-ADBEA8CCDBA2}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Repetier-Host GEEEtech Version 0.90D (HKLM\...\{97593A53-AD51-459B-AA1A-F9ADC826A177}_is1) (Version: 0.90D - )
Repetier-Host Version 1.6.2 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 1.6.2 - repetier)
Repetier-Server (HKLM\...\Repetier-Server) (Version: 0.80.2 - Hot-World GmbH & Co. KG)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
ScanMaster-ELM 4.0.0.2065 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.0.0.2065 - WGSoft.de)
Shark007 ADVANCED Codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.3.5 - Shark007)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.103 - Skype Technologies S.A.)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
Strawberry Perl (HKLM\...\{A9F555F9-7368-1014-A275-8A8131843670}) (Version: 5.24.1 - strawberryperl.com project)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TeraCopy 3.0 alfa 3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TP-LINK PLC Utility (HKLM\...\{B0E80E49-FBC8-4A5B-B04C-222CBD95B2F6}) (Version: 2.1.2309 - TP-LINK)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
VeraCrypt (HKLM\...\VeraCrypt) (Version: 1.19 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
WinAVR 20100110 (remove only) (HKLM\...\WinAVR-20100110) (Version: 20100110 - )
Windows 10-Upgrade-Assistent (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\124CD00616895BFBEA8CB26599398B83F46A34C2) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000) (HKLM\...\FE6F385A54D12F7C8459466625BE8A478BA59D47) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - Silicon Laboratories Inc. (silabser) Ports  (11/20/2015 6.7.2.200) (HKLM\...\F189C013BFD9D0C73BEC97AD2CFF0CF7CAD1E670) (Version: 11/20/2015 6.7.2.200 - Silicon Laboratories Inc.)
WinSCP 5.9.5 (HKLM\...\winscp3_is1) (Version: 5.9.5 - Martin Prikryl)
Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM\...\xampp) (Version: 7.1.1-0 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2548902348-863574374-2724880110-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0377F02E-3498-4667-B82E-826A885113DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => %ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {06237F7B-F668-4676-8E8C-E25B7436678A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {12C5C19E-0885-4EA7-909F-026A1548AF6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {1867A585-2F52-4D38-8E86-F86EB32197D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1A5ED7B2-111C-47A5-A96B-DB25C69C9490} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-11] (Dropbox, Inc.)
Task: {1F902CFC-1124-4724-91DE-A353953457EB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {292FCDD1-9D5C-49ED-B718-0FE8E678BA9C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2B62041A-4FF0-4B3C-A1FA-C2672742675A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {32CBE677-2C37-4473-ADC1-1CB119634BAD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {3437ECF7-205A-44E8-AF36-EA31997AE063} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-13] (@ByELDI)
Task: {38E23F37-D469-4049-B105-1A8340E7DEDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4CE1A7EB-231B-4886-B425-7538255561D5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {61525B3A-0D5C-42F4-8E8E-0DFFD1164FB8} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {655B0218-B3CC-4D9F-9EE4-D88810D8CAC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {65BAC873-C05D-4DF9-BB29-88E302DA43D2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {6FA20866-D02D-430A-946E-33C1890D2957} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {79FF03A4-0AE0-44EA-A244-905978B93F45} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7A6D1F88-3A2C-45FC-B59B-D4FEF7544F2E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7A804AA4-37B0-4C6E-80E2-85FE188711CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7B10773D-8702-467F-8AC8-D29BE949B8F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8089CE3A-8F1B-4838-B52A-432223D02DF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {8257A8FF-3FB4-4199-AB0A-8ACD0248239F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {877EFC97-A0F2-4DA4-85D8-92EEA6FFEBB4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {8DD50DFB-7505-4E45-83DF-52E6F58F1502} - System32\Tasks\{BF72A7F3-5D5F-467E-8689-F6DDECD9B042} => pcalua.exe -a "C:\Program Files\HHD Software\Free Serial Port Monitor\Device Monitor.exe" -d C:\WINDOWS\system32
Task: {8FEC6C1E-BEA9-47CD-800D-2E69E1484065} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {965B5063-C134-4D6D-8B7F-C5074EA8CC36} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {97F98AD6-6CAA-4B7F-AA59-BCFCC30B667F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {A3B7F2EE-A44E-4D0D-9810-C6864D8F7F43} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-11] (Dropbox, Inc.)
Task: {AC2D2009-08D5-4CF6-AA65-4EAFCBF70D18} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {B3EFB582-2F42-43EB-83D5-5DF76200226E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {CA600D2D-67EE-4155-9EB3-6FCCCD8D62BD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E5142F3B-8817-4014-9629-1FB94A04A2A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E6191B27-A255-4DFD-AD90-8477DE4B1DF4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {E8A89E63-9557-48F1-845A-1A36659B9F18} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {EF0FBDAC-78B6-4C1C-80D4-C615A272681B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F41A1E5F-5B26-44D6-9593-8AA87BCBEC66} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {F6CE5A4B-88C1-4CDD-BC3D-73FD36CC782A} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {FC61C30F-702E-407E-A5C6-FF9D4A9C968A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {FEBC1984-C596-4261-B534-58EB147BE31A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => sc control iMControllerService 128

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm

ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Advanced REST client.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo
ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Codebender App.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-23 00:02 - 2015-08-23 00:02 - 00216992 _____ () C:\Windows\System32\iMDriverHelper.dll
2016-09-20 11:37 - 2017-03-17 15:49 - 00019184 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
2015-12-07 17:29 - 2015-12-07 17:29 - 00598016 _____ () C:\Program Files\BidCoS Service\rfd.exe
2015-12-07 17:18 - 2015-12-07 17:18 - 00137216 _____ () C:\Program Files\BidCoS Service\xmlrpc.dll
2015-12-07 17:24 - 2015-12-07 17:24 - 00245248 _____ () C:\Program Files\BidCoS Service\libhsscomm.dll
2015-12-07 17:23 - 2015-12-07 17:23 - 00093184 _____ () C:\Program Files\BidCoS Service\elvutils.dll
2015-12-07 17:18 - 2015-12-07 17:18 - 00028160 _____ () C:\Program Files\BidCoS Service\xmlparser.dll
2015-12-07 17:18 - 2015-12-07 17:18 - 00027648 _____ () C:\Program Files\BidCoS Service\pthread.dll
2016-11-25 08:16 - 2016-11-25 08:16 - 00155848 _____ () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
2016-11-27 17:53 - 2016-11-27 17:53 - 05940584 _____ () C:\Program Files\Repetier-Server\bin\RepetierServer.exe
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-27 17:25 - 2016-06-27 17:25 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2004-09-30 19:09 - 2004-09-30 19:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2015-08-23 09:19 - 2015-04-21 21:55 - 02308608 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2017-02-13 00:31 - 2017-02-13 00:31 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-08-19 20:38 - 2016-08-19 20:38 - 00679624 _____ () C:\Users\mikelsoft\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2015-08-23 09:19 - 2015-04-21 22:11 - 01063936 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 23:59 - 2017-03-04 08:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 23:58 - 2017-03-04 08:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 23:58 - 2017-03-04 07:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-22 12:46 - 2016-08-06 05:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 22:06 - 2017-03-28 07:10 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-27 06:10 - 2017-04-26 19:59 - 00870720 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2017-04-27 06:10 - 2017-03-29 01:54 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00019776 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00020824 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01729360 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2017-04-27 06:10 - 2017-03-29 01:56 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022864 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00060736 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00038712 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00392656 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2017-04-27 06:10 - 2017-03-29 01:56 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00392512 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00246608 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00027488 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-27 06:10 - 2017-03-29 01:55 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022336 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00025432 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01826104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01972024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 03928896 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00171336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00042816 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00531264 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00133432 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00224064 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00207680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00054608 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022864 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00069968 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00021848 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00349128 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00103232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00023896 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00025936 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-04-27 06:10 - 2017-03-29 01:52 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00033112 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-04-27 06:10 - 2017-03-22 19:47 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00084288 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-27 06:10 - 2017-04-26 20:02 - 00030536 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-04-27 06:10 - 2017-03-29 02:00 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2017-04-27 06:10 - 2017-03-29 02:00 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00357688 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00546104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-29 05:13 - 2016-06-29 05:13 - 01708072 _____ () C:\Program Files\EmEditor\emedres.dll
2016-06-29 19:24 - 2016-06-29 19:24 - 00444456 _____ () C:\Program Files\EmEditor\mui\1031\emedloc.dll
2017-04-06 16:36 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 16:36 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 00067584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 11:00 - 2017-04-26 11:01 - 00162304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 30891008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 01737216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\skypert.dll
2015-07-20 17:34 - 2015-07-20 17:34 - 00012288 _____ () C:\Program Files\No-IP\ducservice.exe
2015-07-20 17:34 - 2015-07-20 17:34 - 00073728 _____ () C:\Program Files\No-IP\ducapi.dll
2016-07-07 15:21 - 2016-07-07 15:21 - 00031104 _____ () C:\Program Files\Lenovo\System Update\UNCServer.exe
2017-04-12 21:09 - 2017-04-12 21:09 - 00456704 _____ () C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\MyHarmony.exe
2017-04-12 21:08 - 2017-04-12 21:09 - 36625920 _____ () C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\libcef.dll
2017-04-12 21:08 - 2017-04-12 21:08 - 00861184 _____ () C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\ffmpegsumo.dll
2017-04-12 21:08 - 2017-04-12 21:08 - 00231424 _____ () C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\PlugIns\HarmonyRemoteDriver_32\SDE.dll
2017-04-12 21:08 - 2017-04-12 21:08 - 00214016 _____ () C:\Users\mikelsoft\AppData\Local\Apps\2.0\E20X19JB.C55\WNNEL1AX.QG3\myha..tion_893f52c973591bc9_0001.0000_6a878e02a9e32088\AppFiles\PlugIns\HarmonyRemoteDriver_32\UsbDevice.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00021680 _____ () C:\Program Files\Notepad++\plugins\NppExport.dll
2015-05-15 16:24 - 2015-05-15 16:24 - 02873856 _____ () C:\Program Files\Notepad++\plugins\NppFTP.dll
2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:C68DE4A3 [215]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2548902348-863574374-2724880110-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B7C5D91-CE31-4EB0-926A-060DC43C463D}] => (Block) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [{25A90115-178A-42BD-9D22-0A0EF91F31FD}] => (Block) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{2A6FABB8-A310-4FF9-9908-A693DD97B8D9}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{49CA917D-535A-4DB9-A42B-2FBB2FC1C498}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{C8015BE9-D2C5-49D8-B8A8-856F3D195F31}C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe] => (Allow) C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe
FirewallRules: [TCP Query User{284C2AC7-1527-4A07-9B75-F1C3F9335198}C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe] => (Allow) C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe
FirewallRules: [{FC2E5481-2F87-4313-8D7F-0084B1D31A57}] => (Block) %ProgramFiles%\EmEditor\EmEditor.exe
FirewallRules: [{9B90E0E6-572F-4E00-A241-E3D52CC69F26}] => (Block) %ProgramFiles%\EmEditor\EEAdmin.exe
FirewallRules: [{CD9DF409-1068-433B-952A-3C7BAA4B2DA2}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [UDP Query User{B2316DE8-3664-4F1E-9AC0-62F0B4C6EF4F}C:\program files\homematic firmware update tool\lanif_config_gui.exe] => (Allow) C:\program files\homematic firmware update tool\lanif_config_gui.exe
FirewallRules: [TCP Query User{9A5F8E85-2F4F-4EAA-909F-743117458428}C:\program files\homematic firmware update tool\lanif_config_gui.exe] => (Allow) C:\program files\homematic firmware update tool\lanif_config_gui.exe
FirewallRules: [UDP Query User{C3D68551-8DDA-48BC-B6CE-6A21B10257C9}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [TCP Query User{527B5744-D6CA-4FBE-81EF-F3A334E3DEA5}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [UDP Query User{4BA570F0-50E4-4B14-A687-EEDAD39F95EE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{11389AF6-F482-4371-AC91-C79B321FB8DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7432CD3A-381D-489C-A1FA-39A6EE46F731}C:\program files\bidcos service\rfd.exe] => (Allow) C:\program files\bidcos service\rfd.exe
FirewallRules: [TCP Query User{34563280-4E8A-4B48-9423-8FD1C6074CA1}C:\program files\bidcos service\rfd.exe] => (Allow) C:\program files\bidcos service\rfd.exe
FirewallRules: [UDP Query User{D3F5C7C4-38AA-4090-A4D0-6EBF2E4C78F2}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [TCP Query User{F2143A7F-E505-4EBD-9735-21D4075CA9B8}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{BF88E184-94A6-4CFD-91DA-1C8226BD4ED8}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{86F7E1CF-84AA-47CC-85FE-E3A081E30FE8}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{22DF8DF2-C1B3-4C58-A079-8DD182734669}C:\my download\app-pnp-upgrade.exe] => (Allow) C:\my download\app-pnp-upgrade.exe
FirewallRules: [TCP Query User{BBB86216-A5B8-4BCE-929B-BE687F9D5F39}C:\my download\app-pnp-upgrade.exe] => (Allow) C:\my download\app-pnp-upgrade.exe
FirewallRules: [UDP Query User{C6EEC503-8351-49E9-A34C-ACD198A7DA92}C:\program files\eye cloud\superipcam.exe] => (Allow) C:\program files\eye cloud\superipcam.exe
FirewallRules: [TCP Query User{7A28E7F7-7115-4E2F-B08D-BCDD2AA9D227}C:\program files\eye cloud\superipcam.exe] => (Allow) C:\program files\eye cloud\superipcam.exe
FirewallRules: [UDP Query User{DBD5AF06-115F-4C2C-BCA3-0105DF7D583F}C:\program files\bel\realterm\realterm.exe] => (Allow) C:\program files\bel\realterm\realterm.exe
FirewallRules: [TCP Query User{70A6EE6E-7445-4B34-B9E2-45C8C831F0CA}C:\program files\bel\realterm\realterm.exe] => (Allow) C:\program files\bel\realterm\realterm.exe
FirewallRules: [UDP Query User{3AD8B6FF-98B6-4D4D-B5C4-565B92DAB07B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{97FDDA5D-7EAF-4150-AF15-DA01332D85F5}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7E92F895-7B5F-4063-A05B-44E98C7DD891}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{3464B5E6-A77A-4C47-ABAF-CCDFF6F0DB74}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E489BD1F-416B-47D5-BDF8-B1A06BCDB805}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BE23353D-689D-478C-9601-1300CC4A2ED5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{5D3C9633-A847-4848-A312-C4BD4ACC0921}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2FCE2165-AB9D-4247-A3DD-09D977242B31}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6C7E1546-64E3-4A59-A0CD-01B57382E25E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{48DF1B7F-E338-497D-8565-050EDF39EAB6}] => (Allow) C:\Program Files\DVBViewer\dvbviewer.exe
FirewallRules: [{C1E29778-E45A-47E2-B73C-8F0618B4CD70}] => (Allow) C:\Program Files\DVBViewer\dvbviewer.exe
FirewallRules: [{A00C6113-EEFB-48B4-B87E-4DCB60B9144D}] => (Allow) %ProgramFiles%\DVBViewer\dvbviewer.exe
FirewallRules: [{9AC755CD-4FB2-45DF-9D7B-1996178A35F3}] => (Allow) LPort=8089
FirewallRules: [{C49BEC67-BD54-4EED-BA37-DA2CFA3F2CEE}] => (Allow) LPort=8089
FirewallRules: [TCP Query User{D7631753-F20B-46A6-B0BD-E4460041DD6B}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [UDP Query User{81A88F54-D151-4F5B-9FF9-D3ED40C3909C}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [TCP Query User{5D4370F8-6274-4626-AF2D-7570A221F64C}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{91E5357A-885C-4AEE-B75B-FD0896486D4D}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{6C290331-8F4C-4CC3-BD86-7920A26F2961}] => (Allow) C:\Program Files\BidCoS Service\lanif_config.exe
FirewallRules: [{7BEC1A79-2440-4861-A94D-F252F0252BD6}] => (Allow) C:\Program Files\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{BEEBEA70-7806-445C-A5CD-9C6D26778A73}] => (Allow) C:\Program Files\BidCoS Service\lanif_config.exe
FirewallRules: [{484BEEE0-9D5D-4526-977C-AA1B43A7DB67}] => (Allow) C:\Program Files\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{3491F92F-170C-4FFA-BFC5-B3E339092A09}] => (Allow) C:\Program Files\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{C80F8CE1-F224-48BD-85E8-5437939E4832}] => (Allow) C:\Program Files\HomeMatic Config\rfd.exe
FirewallRules: [{B7D86E20-870E-41C4-9D60-CD289C908DAC}] => (Allow) C:\Program Files\HomeMatic Config\hm_config.exe
FirewallRules: [{23FFC881-F2EB-4716-86E7-E8D63095B30A}] => (Allow) C:\Program Files\HomeMatic Config\tclsh85t.exe
FirewallRules: [{47D3F39F-4E22-4B6C-90C3-56088C52D346}] => (Allow) C:\Program Files\HomeMatic Config\hm_config.exe
FirewallRules: [{5D16CDCC-818F-4235-8473-CA91A11529B4}] => (Allow) C:\Program Files\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{9E61B4B2-6726-44A8-A69C-04AC4060F667}] => (Allow) C:\Program Files\HomeMatic Config\tclsh85t.exe
FirewallRules: [{BA1997AA-ABFE-44D5-98C9-5655EC302D81}] => (Allow) C:\Program Files\HomeMatic Config\rfd.exe
FirewallRules: [{98EF2316-D886-489C-8F79-A9050631DDCD}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{BD181A1E-187B-47F4-A0CB-E2BB79EF9612}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{B3737FE3-9F57-4002-90EF-0F34C010CC8B}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{227C35E3-7729-4B34-99F7-CBC2136DA7AA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{B59FF07D-215B-4058-9A0B-7F1AA137B83C}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [UDP Query User{2F3E32C9-8DEF-42CE-BA6F-DE94D0A35CEB}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [{039F2A76-2AE9-4C68-85E4-4693439DA6C5}] => (Allow) C:\Program Files\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{2CD590FD-E08E-4165-B751-435C4015F475}] => (Allow) C:\Program Files\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{BE1B4D9E-A2F1-4456-BAC3-F153CAB77DE0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D4FA499F-E783-4762-9136-84EFB862B3FC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{098502C5-C944-4D76-9216-2D3E7698FA94}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{79C78CB2-77CA-40B8-B946-C0B9D1358021}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C32D134F-D4D0-4593-A3D9-E364C28B1E8B}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{4AADD78B-1BC2-463D-AF9E-D140BEDAB835}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{0393C0A7-1AA4-4072-90D0-95F41FEA6098}] => (Block) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{10BEDF9D-EFD5-4251-941E-71EA87312A47}] => (Block) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{839AA6C4-5853-4EA5-9700-34119B2AC9DC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{C782AA57-5485-497D-B983-EEFEC5227F10}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{5E5B0DAE-F45D-40BB-A15C-7585E8D3206F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{574A02A5-B3B4-4E5A-9851-D9DC4993AE19}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{77A2996D-4EB8-461C-8F17-FF703B2252DA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CE11FF57-BC87-4E0F-94E7-93EAFD01BA9C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{88D82540-0EBE-4552-818E-0A1EACA772DD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{13C29023-23C3-4350-90E0-85871909C035}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{CF9940F1-656F-4450-AFD4-AD65D1853FE7}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{DB26DFD9-7672-4BB8-9C40-C21D555E2E2E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

11-04-2017 21:19:00 Installed LibreOffice 5.3.2.2
21-04-2017 20:32:15 Geplanter Prüfpunkt
26-04-2017 11:37:11 Intel® Driver Update Utility
27-04-2017 16:52:42 Removed SourceTree
27-04-2017 17:23:34 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Npcap Loopback Adapter
Description: Microsoft Loopbackadapter für KM-TEST
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2017 10:29:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\crystaldiskinfo\DiskInfo64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:28:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\FreeFileSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:28:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\RealtimeSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:27:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\arduino\drivers\dpinst-amd64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:26:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Cura 2.4\arduino\dpinst64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:25:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Cura_15.04.6\drivers\dpinst64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/28/2017 11:59:11 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=6CKHM
ACID=?
Genauer Fehler[?]

Error: (04/28/2017 01:25:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (04/28/2017 01:24:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/28/2017 01:24:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {2a276bbb-235a-489f-9e6f-b3fa76839443}


Systemfehler:
=============
Error: (04/29/2017 10:30:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (04/27/2017 07:21:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 07:21:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 07:21:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 06:06:53 PM) (Source: DCOM) (EventID: 10010) (User: MIKELSOFT-LAPTO)
Description: Der Server "{21F282D1-A881-49E1-9A3A-26E44E39B86C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/27/2017 06:04:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 06:04:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 06:04:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 05:50:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.

 Code: 8 0x0 0x0

Error: (04/27/2017 05:50:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.

 Code: 2 0xdeaddeed 0xeeec


CodeIntegrity:
===================================
  Date: 2017-02-22 19:16:56.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 19:16:56.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 19:16:56.207
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.395
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.294
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.225
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-17 15:57:59.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8108.36 MB
Verfügbarer physikalischer RAM: 4884.53 MB
Summe virtueller Speicher: 16300.36 MB
Verfügbarer virtueller Speicher: 11095.32 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:464.34 GB) (Free:278.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende vom Addition.txt ============================
         

29.04.2017, 20:21   #7
inesa394

Computer 1 FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
durchgeführt von mikelsoft (Administrator) auf ZENTIS (29-04-2017 19:53:06)
Gestartet von C:\Users\mikelsoft\Desktop
Geladene Profile: mikelsoft & DefaultAppPool (Verfügbare Profile: mikelsoft & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
() C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.8067.2032\OfficeClickToRun.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) H:\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-07] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe [41600 2015-10-06] (Creative Technology Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2014-10-19] (ROCCAT GmbH)
HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\Run: [Steam] => H:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\Run: [GoogleChromeAutoLaunch_EEFE44D0258C3D0E520D3E68631825C9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [977240 2017-04-19] (Google Inc.)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-07] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-10-09]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-10-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5216e562-0503-489d-8e12-f8d78b887b89}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-28] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-04-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-28] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 [2017-04-18]
FF NewTab: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> Avast Search
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> Avast Search
FF Homepage: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> ist aktiviert.
FF Keyword.URL: Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\artur.dubovoy@gmail.com [2017-03-05]
FF Extension: (anonymoX) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\client@anonymox.net.xpi [2017-01-29]
FF Extension: (YouTube™ Flash® Player) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-01-09]
FF Extension: (Avast SafePrice) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\sp@avast.com.xpi [2017-04-07]
FF Extension: (Google Translator for Firefox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\translator@zoli.bod.xpi [2017-02-10]
FF Extension: (uBlock Origin) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\uBlock0@raymondhill.net.xpi [2017-04-18]
FF Extension: (Avast Online Security) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\wrc@avast.com.xpi [2017-04-07]
FF Extension: (Flagfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-03-23]
FF Extension: (Media Converter) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}.xpi [2016-11-30]
FF Extension: (NoScript) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-29]
FF Extension: (Live HTTP headers) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-27]
FF Extension: (WOT) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-12]
FF Extension: (FireFTP) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2017-02-04]
FF Extension: (Video DownloadHelper) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-06]
FF Extension: (DownThemAll!) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (Disable Prefetch) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\l6cywnnt.default-1452556399530\features\{a768e27b-292a-4cc5-a321-2a4b08de9d6e}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Flickr\Flickr Uploadr\Profiles\vv71miu2.default [2015-10-05]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-20] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-18] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin HKU\S-1-5-21-2426455433-2531843764-2980284681-1000: runtop.com/RTPlayer -> C:\Program Files (x86)\VVVIPCamera\npRTPlayer.dll [2015-09-08] (RunTop)
FF Plugin HKU\S-1-5-21-2426455433-2531843764-2980284681-1000: SkypePlugin -> C:\Users\mikelsoft\AppData\Local\SkypePlugin\7.16.0.22\npGatewayNpapi.dll [2016-03-04] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2426455433-2531843764-2980284681-1000: SkypePlugin64 -> C:\Users\mikelsoft\AppData\Local\SkypePlugin\7.16.0.22\npGatewayNpapi-x64.dll [2016-03-04] (Skype Technologies S.A.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.orbitdownloader.com/
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f056386a-ace8-4385-b788-b001646a9ec1&searchtype=hp&installDate=20/05/2013","hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1438291744&z=835a089035872680a155b5eg1zfcbb0odtdofe7oeq&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.istartsurf.com/?type=hppp&ts=1438291805&z=396efe5531988c07fea5102g8z3c4bfo6t8o8e4beb&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.google.com"
CHR Profile: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default [2017-04-29]
CHR Extension: (Google*Übersetzer) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-12-20]
CHR Extension: (Google Präsentationen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05]
CHR Extension: (h264ify) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-12-20]
CHR Extension: (Google Docs) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05]
CHR Extension: (Google Drive) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-10]
CHR Extension: (TV) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2016-12-20]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-07]
CHR Extension: (YouTube) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Adblock für Youtube™) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-04-19]
CHR Extension: (Google-Suche) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Avast SafePrice) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Google Tabellen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05]
CHR Extension: (TabSaver) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmjkkhoegfianolbdbceddpgnidbfpmo [2017-04-29]
CHR Extension: (Google Docs Offline) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-18]
CHR Extension: (IP-Adresse) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh [2017-04-07]
CHR Extension: (In Google Drive speichern) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-12-20]
CHR Extension: (Avast Online Security) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-06]
CHR Extension: (Advanced REST client) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2017-02-28]
CHR Extension: (Google Play Music) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-12-20]
CHR Extension: (Dropbox) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-12-20]
CHR Extension: (eBay für Chrome) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-12-20]
CHR Extension: (Erweiterte Startseite) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2016-12-20]
CHR Extension: (Skype) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-13]
CHR Extension: (Google Maps) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-12-20]
CHR Extension: (Codebender App) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\magknjdfniglanojbpadmpjlglepnlko [2016-12-20]
CHR Extension: (Google Mail-Checker) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-12-20]
CHR Extension: (Downloads) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Picasa) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-12-20]
CHR Extension: (Google Mail) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-29]
CHR HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-05-10] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-11-04] ()
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7376984 2017-04-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-04-07] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801792 2017-04-06] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
S3 MailbirdUpdater.exe; C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe [329144 2015-08-10] (Mailbird) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-06] (Electronic Arts)
R2 RepetierServer; C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe [5940584 2016-11-27] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-04-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-04-07] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-04-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-04-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-04-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-04-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [127624 2017-04-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-04-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-04-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1006136 2017-04-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [561392 2017-04-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-04-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-04-07] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-10-06] (Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [339800 2016-11-04] (Acronis International GmbH)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [88752 2016-10-04] ()
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2017-01-27] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2017-01-26] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-29] (Malwarebytes)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81232 2016-12-15] (Insecure.Com LLC.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-03-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267552 2016-11-04] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [193376 2016-11-04] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [601432 2016-11-04] (Acronis International GmbH)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [41720 2015-10-07] (USBPcap)
R3 V0770Vid; C:\WINDOWS\system32\DRIVERS\V0770Vid.sys [388616 2015-10-06] (Creative Technology Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [198248 2016-02-29] (IDRIX)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [279392 2016-11-04] (Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 19:53 - 2017-04-29 19:53 - 00036999 _____ C:\Users\mikelsoft\Desktop\FRST.txt
2017-04-29 11:36 - 2017-04-27 16:57 - 04102600 _____ C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
2017-04-29 11:27 - 2017-04-27 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\mikelsoft\Desktop\OTL.exe
2017-04-29 11:23 - 2017-04-29 11:23 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Google
2017-04-29 11:23 - 2017-04-29 11:23 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-18 16:56 - 2017-04-18 16:56 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\NVIDIA
2017-04-18 16:53 - 2017-04-29 11:24 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-18 16:53 - 2017-04-29 11:24 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-18 16:53 - 2017-04-18 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-18 16:53 - 2017-03-28 05:32 - 01882048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 01472960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-04-18 16:53 - 2017-03-21 06:27 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-18 16:52 - 2017-04-01 05:27 - 00512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-04-18 16:52 - 2017-04-01 05:27 - 00420408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 02481208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 00549944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-18 16:52 - 2017-04-01 04:10 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-18 16:52 - 2017-04-01 03:36 - 00136248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-04-18 16:52 - 2017-03-31 12:15 - 07851747 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-18 16:52 - 2017-03-28 03:25 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-04-18 16:49 - 2017-04-02 18:12 - 01600560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-04-18 16:49 - 2017-04-02 18:12 - 00218040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-04-18 16:49 - 2017-04-02 18:12 - 00046008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 40201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 35354048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 35280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 28592184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 11111392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 10635192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 09316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 08876272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 04085712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 03790904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 03602296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 03246016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 01276128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 01055800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00995920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00990144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00960448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00911296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00652856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00577544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-04-18 16:49 - 2017-04-01 05:27 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-04-18 16:49 - 2017-04-01 05:27 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-04-18 16:49 - 2017-04-01 05:27 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-04-18 16:49 - 2017-04-01 02:41 - 00172592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-18 16:49 - 2017-04-01 02:41 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-18 16:49 - 2017-04-01 02:41 - 00076840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETB581.tmp
2017-04-18 16:49 - 2017-04-01 02:41 - 00066608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-04-18 16:49 - 2017-03-28 05:32 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-04-18 16:23 - 2015-01-16 20:57 - 00014480 _____ C:\WINDOWS\system32\Drivers\nvflash.sys
2017-04-12 19:18 - 2017-04-12 19:18 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-11 19:26 - 2017-04-01 02:57 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-11 19:26 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-11 19:26 - 2017-04-01 02:57 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-11 19:26 - 2017-04-01 02:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-11 19:26 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-11 19:26 - 2017-04-01 02:25 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 19:26 - 2017-04-01 02:25 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-11 19:26 - 2017-04-01 02:11 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-11 19:26 - 2017-04-01 02:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-11 19:26 - 2017-04-01 02:09 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-11 19:26 - 2017-04-01 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-11 19:26 - 2017-04-01 02:08 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-11 19:26 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-11 19:26 - 2017-04-01 02:02 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-11 19:26 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-11 19:26 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-11 19:26 - 2017-04-01 01:59 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-11 19:26 - 2017-04-01 01:58 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-11 19:26 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-11 19:26 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-11 19:26 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-11 19:26 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-11 19:25 - 2017-04-01 03:05 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-11 19:25 - 2017-04-01 03:05 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-11 19:25 - 2017-04-01 03:04 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-11 19:25 - 2017-04-01 03:04 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-11 19:25 - 2017-04-01 03:04 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-11 19:25 - 2017-04-01 02:59 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-11 19:25 - 2017-04-01 02:52 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-11 19:25 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-11 19:25 - 2017-04-01 02:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-11 19:25 - 2017-04-01 02:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-11 19:25 - 2017-04-01 02:51 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-11 19:25 - 2017-04-01 02:50 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-11 19:25 - 2017-04-01 02:48 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 19:25 - 2017-04-01 02:47 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-11 19:25 - 2017-04-01 02:19 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-11 19:25 - 2017-04-01 02:06 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-11 19:25 - 2017-04-01 02:05 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-11 19:25 - 2017-04-01 02:04 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-11 19:25 - 2017-04-01 02:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-11 19:25 - 2017-04-01 01:58 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-11 19:25 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-11 19:25 - 2017-04-01 01:55 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-11 19:25 - 2017-04-01 01:55 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-11 19:25 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-11 19:25 - 2017-04-01 01:53 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-11 19:25 - 2017-04-01 01:52 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-11 19:25 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-11 19:25 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-11 19:25 - 2017-04-01 01:48 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-11 19:25 - 2017-04-01 01:47 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-11 19:25 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-11 19:25 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-11 19:25 - 2017-03-31 23:00 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-11 19:25 - 2017-03-25 10:28 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-11 19:25 - 2017-03-25 09:58 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-11 19:08 - 2017-04-11 19:08 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\DBG
2017-04-09 18:42 - 2017-04-09 18:42 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-04-07 21:28 - 2017-04-07 21:28 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-07 21:28 - 2017-04-07 20:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-07 21:28 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-04-07 21:28 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-04-07 21:28 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-04-07 21:28 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-04-07 21:28 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\Program Files\MSBuild
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-07 21:26 - 2017-04-07 21:26 - 00000000 ____D C:\inetpub
2017-04-07 21:26 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-07 21:26 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-07 21:26 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-07 21:26 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-04-07 21:26 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-07 21:26 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-04-07 20:58 - 2017-04-07 20:58 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\14C23111.sys
2017-04-07 20:50 - 2017-04-07 20:50 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-07 20:49 - 2017-04-07 20:49 - 00000000 ____D C:\ProgramData\USOShared
2017-04-07 20:48 - 2017-04-07 20:48 - 00000020 ___SH C:\Users\mikelsoft\ntuser.ini
2017-04-07 20:46 - 2017-04-07 18:08 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-04-07 20:44 - 2017-04-07 20:44 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-04-07 20:44 - 2017-04-07 20:44 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-04-07 20:41 - 2017-04-29 19:53 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E3C78B3F-0DBF-4C4A-A9E7-EAA67B56389D}
2017-04-07 20:41 - 2017-04-29 11:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-07 20:41 - 2017-04-29 11:05 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-07 20:41 - 2017-04-29 11:05 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-07 20:41 - 2017-04-20 18:51 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-07 20:41 - 2017-04-07 20:50 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-07 20:41 - 2017-04-07 20:46 - 00004026 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458758872
2017-04-07 20:41 - 2017-04-07 20:46 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-04-07 20:41 - 2017-04-07 20:41 - 00002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-04-07 20:41 - 2017-04-07 20:41 - 00002538 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-04-07 20:41 - 2017-04-07 20:41 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-04-07 20:41 - 2017-04-07 20:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-04-07 20:41 - 2017-04-07 20:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-04-07 20:37 - 2017-04-07 20:37 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-07 20:35 - 2017-04-07 20:35 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-04-07 20:34 - 2017-04-07 20:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-07 20:34 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-07 20:33 - 2017-04-29 11:27 - 02544174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-07 20:33 - 2017-04-12 20:01 - 00000000 ____D C:\Users\mikelsoft
2017-04-07 20:33 - 2017-04-09 18:42 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-07 20:33 - 2017-04-07 20:33 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Vorlagen
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Startmenü
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Netzwerkumgebung
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Lokale Einstellungen
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Eigene Dateien
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Druckumgebung
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Videos
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Musik
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Bilder
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Verlauf
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Anwendungsdaten
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\mikelsoft\Anwendungsdaten
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-04-07 20:33 - 2017-04-07 20:33 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-04-07 20:32 - 2017-04-29 19:53 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-07 20:32 - 2017-04-29 11:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-07 20:32 - 2017-04-29 11:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-07 20:32 - 2017-04-29 11:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-07 20:32 - 2017-04-07 20:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-07 20:32 - 2017-04-07 20:32 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-07 20:32 - 2017-04-07 20:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-07 20:32 - 2017-04-07 20:32 - 00000000 ____D C:\Program Files\Realtek
2017-04-07 20:31 - 2017-04-29 11:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-07 20:31 - 2017-04-29 11:22 - 00383848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-07 19:20 - 2017-04-07 20:48 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-07 19:18 - 2017-04-07 19:18 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-04-07 19:18 - 2017-04-07 19:18 - 00001577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-04-07 19:17 - 2017-04-07 19:19 - 00000036 _____ C:\WINDOWS\progress.ini
2017-04-07 19:11 - 2017-04-09 18:45 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\xarp-mikelsoft
2017-04-07 19:11 - 2017-04-07 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XArp
2017-04-07 19:11 - 2017-04-07 19:11 - 00000000 ____D C:\Program Files (x86)\XArp
2017-04-07 18:59 - 2017-04-07 19:03 - 00075888 _____ C:\Users\mikelsoft\Desktop\Additionold.txt
2017-04-07 18:58 - 2017-04-29 11:15 - 00000000 ____D C:\FRST
2017-04-07 18:58 - 2017-04-29 11:14 - 02427392 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST64.exe
2017-04-07 18:56 - 2017-04-07 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2017-04-07 18:56 - 2017-04-07 19:01 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\WinPatrol
2017-04-07 18:56 - 2017-04-07 18:56 - 00000000 ____D C:\ProgramData\InstallMate
2017-04-07 18:56 - 2017-04-07 18:56 - 00000000 ____D C:\Program Files (x86)\Ruiware
2017-04-07 18:56 - 2017-04-07 18:34 - 02001544 _____ C:\Users\mikelsoft\Desktop\pc-decrapifier-3.0.1.exe
2017-04-07 18:55 - 2017-04-07 18:33 - 01663904 _____ (Malwarebytes) C:\Users\mikelsoft\Desktop\JRT.exe
2017-04-07 18:51 - 2017-04-29 11:22 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-07 18:51 - 2017-04-29 11:22 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-07 18:51 - 2017-04-29 11:22 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-07 18:51 - 2017-04-07 18:51 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-07 18:50 - 2017-04-18 16:59 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-07 18:50 - 2017-04-07 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-07 18:50 - 2017-04-07 18:50 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-07 18:50 - 2017-04-07 18:50 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-07 18:38 - 2017-04-07 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-07 18:37 - 2017-04-07 18:56 - 00000000 ____D C:\Users\mikelsoft\Desktop\mbar
2017-04-07 18:37 - 2017-04-07 18:37 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-07 17:52 - 2017-04-07 20:48 - 00000000 ___HD C:\$GetCurrent
2017-04-07 17:52 - 2017-04-07 20:48 - 00000000 ____D C:\Windows10Upgrade
2017-04-07 17:52 - 2017-04-07 17:52 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-04-07 17:52 - 2017-04-07 17:52 - 00000719 _____ C:\Users\mikelsoft\Desktop\Windows 10-Upgrade-Assistent.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 19:53 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-29 19:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-29 11:27 - 2017-03-20 06:41 - 01131744 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-29 11:27 - 2017-03-20 06:41 - 00267564 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-29 11:25 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-04-29 11:22 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-29 11:22 - 2016-10-29 19:23 - 00000000 ____D C:\ProgramData\Foxit Software
2017-04-29 11:22 - 2015-10-06 14:12 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-29 11:13 - 2015-10-05 22:58 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-29 11:13 - 2015-10-05 22:58 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-29 11:05 - 2016-12-20 17:57 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-04-29 11:05 - 2016-01-07 01:39 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\CrashDumps
2017-04-29 11:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-20 18:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-20 18:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-18 17:03 - 2015-10-06 11:45 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\NVIDIA Corporation
2017-04-18 16:54 - 2015-11-18 02:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\NVIDIA
2017-04-18 16:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-04-18 16:52 - 2016-03-14 17:41 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-18 16:35 - 2015-10-06 13:33 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-18 16:24 - 2016-11-26 23:01 - 00000000 ____D C:\Users\mikelsoft\AppData\LocalLow\Mozilla
2017-04-12 18:09 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-12 17:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-04-12 16:53 - 2016-05-24 15:15 - 00014336 ___SH C:\Users\mikelsoft\Desktop\Thumbs.db
2017-04-12 16:09 - 2016-03-22 14:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-04-11 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-11 20:23 - 2015-10-06 15:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-11 20:19 - 2015-10-06 15:44 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 19:56 - 2015-10-07 13:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-11 19:56 - 2015-10-07 13:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-11 19:51 - 2015-10-05 22:59 - 00000600 _____ C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2017-04-11 19:39 - 2016-02-24 15:44 - 00000000 ____D C:\Users\mikelsoft\.zenmap
2017-04-11 19:27 - 2015-10-07 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-11 19:10 - 2015-10-10 11:22 - 00000000 ___RD C:\Users\mikelsoft\Google Drive
2017-04-11 19:10 - 2015-10-06 17:18 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Skype
2017-04-11 19:08 - 2015-10-05 17:08 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\TeamViewer
2017-04-09 18:45 - 2015-10-06 11:37 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Packages
2017-04-09 18:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-07 21:31 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-07 21:29 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-04-07 21:28 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR
2017-04-07 21:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-07 21:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-04-07 21:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-07 21:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-04-07 21:26 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-04-07 21:26 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-04-07 21:26 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-04-07 21:26 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-04-07 20:59 - 2015-10-06 12:01 - 00000000 ____D C:\AdwCleaner
2017-04-07 20:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-04-07 20:50 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-07 20:50 - 2015-10-06 11:39 - 00002435 _____ C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-07 20:50 - 2015-10-06 11:39 - 00000000 ___RD C:\Users\mikelsoft\OneDrive
2017-04-07 20:49 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-07 20:49 - 2016-09-24 11:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\ConnectedDevicesPlatform
2017-04-07 20:48 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-07 20:48 - 2015-10-06 11:37 - 00000588 __RSH C:\ProgramData\ntuser.pol
2017-04-07 20:48 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-07 20:46 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-04-07 20:46 - 2017-01-16 17:26 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-04-07 20:46 - 2017-01-16 17:26 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-04-07 20:46 - 2016-03-23 20:47 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-04-07 20:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-07 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-07 20:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-07 20:43 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-04-07 20:41 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-04-07 20:41 - 2015-10-06 11:36 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-07 20:38 - 2017-03-07 00:23 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-04-07 20:38 - 2017-02-28 16:40 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2017-04-07 20:38 - 2017-02-10 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2017-04-07 20:38 - 2017-02-06 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2017-04-07 20:38 - 2017-02-06 17:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Npcap
2017-04-07 20:38 - 2017-02-06 17:47 - 00000000 ____D C:\WINDOWS\system32\Npcap
2017-04-07 20:38 - 2017-01-29 17:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realterm
2017-04-07 20:38 - 2017-01-27 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVR Burn-O-Mat
2017-04-07 20:38 - 2017-01-26 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVRDUDESS
2017-04-07 20:38 - 2017-01-19 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cura 15.04.6
2017-04-07 20:38 - 2016-12-18 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simplify3D Software
2017-04-07 20:38 - 2016-12-04 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host GEEEtech
2017-04-07 20:38 - 2016-12-04 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Server
2017-04-07 20:38 - 2016-12-04 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host
2017-04-07 20:38 - 2016-12-04 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.16
2017-04-07 20:38 - 2016-12-04 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cura 2.3
2017-04-07 20:38 - 2016-10-30 17:03 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-04-07 20:38 - 2016-10-29 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-04-07 20:38 - 2016-10-18 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2017-04-07 20:38 - 2016-09-27 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-04-07 20:38 - 2016-09-08 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MQTT.fx
2017-04-07 20:38 - 2016-07-26 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDIPCamera
2017-04-07 20:38 - 2016-07-10 14:18 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2017-04-07 20:38 - 2016-05-05 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2017-04-07 20:38 - 2016-03-29 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-04-07 20:38 - 2016-03-23 20:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HM-1X_Aid_v01
2017-04-07 20:38 - 2016-03-22 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tftpd32
2017-04-07 20:38 - 2016-02-29 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt
2017-04-07 20:38 - 2016-02-26 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy
2017-04-07 20:38 - 2016-02-24 15:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2017-04-07 20:38 - 2016-02-06 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2017-04-07 20:38 - 2016-02-06 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-04-07 20:38 - 2016-02-06 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot
2017-04-07 20:38 - 2016-01-23 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webcamXP 5
2017-04-07 20:38 - 2016-01-23 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-04-07 20:38 - 2015-12-17 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-07 20:38 - 2015-12-16 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird
2017-04-07 20:38 - 2015-12-16 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clone.AD
2017-04-07 20:38 - 2015-12-16 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2017-04-07 20:38 - 2015-11-24 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
2017-04-07 20:38 - 2015-11-13 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2017-04-07 20:38 - 2015-11-08 14:42 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-07 20:38 - 2015-11-07 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2017-04-07 20:38 - 2015-10-28 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-07 20:38 - 2015-10-19 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\moDiag
2017-04-07 20:38 - 2015-10-10 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-04-07 20:38 - 2015-10-07 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer
2017-04-07 20:38 - 2015-10-07 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2017-04-07 20:38 - 2015-10-07 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-04-07 20:38 - 2015-10-07 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
2017-04-07 20:38 - 2015-10-07 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-07 20:38 - 2015-10-06 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
2017-04-07 20:38 - 2015-10-06 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-07 20:38 - 2015-10-06 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-04-07 20:38 - 2015-10-06 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Inquisition
2017-04-07 20:38 - 2015-10-06 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2017-04-07 20:38 - 2015-10-06 12:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2017-04-07 20:38 - 2015-10-06 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-04-07 20:38 - 2015-10-05 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2017-04-07 20:38 - 2015-10-05 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-07 20:38 - 2015-10-05 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-04-07 20:38 - 2015-10-05 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-07 20:38 - 2015-10-05 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-04-07 20:38 - 2015-10-05 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-04-07 20:35 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-07 20:35 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-07 20:35 - 2017-03-16 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-07 20:35 - 2016-11-04 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-04-07 20:35 - 2016-04-14 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texas Instruments
2017-04-07 20:35 - 2016-03-14 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2017-04-07 20:35 - 2015-10-28 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-04-07 20:35 - 2015-10-09 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2017-04-07 20:35 - 2015-10-07 13:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-04-07 20:35 - 2015-10-05 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-04-07 20:34 - 2016-04-17 16:41 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texas Instruments
2017-04-07 20:34 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-04-07 20:32 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-07 19:18 - 2015-10-28 13:42 - 00000000 ____D C:\Program Files\Wireshark
2017-04-07 19:17 - 2015-10-05 23:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-07 18:57 - 2015-10-05 22:34 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP
2017-04-07 18:50 - 2015-10-06 14:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-07 18:49 - 2015-10-05 22:34 - 00000000 ____D C:\Program Files (x86)\AIMP
2017-04-07 18:44 - 2015-10-05 22:58 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-07 18:43 - 2015-12-16 13:59 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Mailbird
2017-04-07 18:29 - 2017-03-16 12:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-07 18:29 - 2015-10-06 17:18 - 00000000 ____D C:\ProgramData\Skype
2017-04-07 18:08 - 2017-03-09 18:30 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-04-07 18:08 - 2017-03-09 18:30 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-04-07 18:08 - 2017-03-09 18:30 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-04-07 18:08 - 2017-03-09 18:30 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-04-07 18:08 - 2016-03-23 20:47 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 01006136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00561392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00127624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-04-07 18:08 - 2015-10-25 15:41 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-04-07 17:55 - 2016-11-30 00:30 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-07 17:55 - 2016-11-30 00:30 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-04-07 17:55 - 2015-10-06 17:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-04 20:18 - 2017-01-29 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-04 20:18 - 2015-10-05 22:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-31 15:05 - 2017-03-07 00:25 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Autodesk
2017-03-31 15:04 - 2017-03-07 00:23 - 00000000 ____D C:\Users\mikelsoft\Documents\meshmixer
2017-03-31 10:47 - 2015-10-10 11:12 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-03-31 10:47 - 2015-10-10 11:12 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-03-31 10:47 - 2015-10-10 11:12 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-03-30 12:33 - 2015-10-05 17:05 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Arduino15

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-05 22:59 - 2017-04-11 19:51 - 0000600 _____ () C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2016-02-06 14:55 - 2016-02-06 14:55 - 0001456 _____ () C:\Users\mikelsoft\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-09-08 20:32 - 2016-09-08 20:32 - 0000058 _____ () C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-07 16:21 - 2017-03-17 13:37 - 0000600 _____ () C:\Users\mikelsoft\AppData\Local\PUTTY.RND
2017-03-03 18:28 - 2017-03-03 18:42 - 0000143 _____ () C:\Users\mikelsoft\AppData\Local\zenmap.exe.log
2017-04-07 20:32 - 2017-04-07 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-23 17:45 - 2017-01-11 00:51 - 0015016 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 17:45 - 2016-12-23 20:59 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
2017-04-07 18:33 - 2017-02-23 10:17 - 0868152 _____ (NVIDIA Corporation) C:\Users\mikelsoft\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-12 19:17 - 2017-02-23 10:17 - 0354176 _____ (NVIDIA Corporation) C:\Users\mikelsoft\AppData\Local\Temp\nvStInst.exe
2017-04-09 19:15 - 2017-04-09 19:15 - 1452200 _____ (Sysinternals - www.sysinternals.com) C:\Users\mikelsoft\AppData\Local\Temp\procexp64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-18 17:18

==================== Ende von FRST.txt ============================
         

Alt 29.04.2017, 20:22   #8
inesa394
 

Computer 1 Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-04-2017
durchgeführt von mikelsoft (29-04-2017 19:53:54)
Gestartet von C:\Users\mikelsoft\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-07 18:48:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2426455433-2531843764-2980284681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2426455433-2531843764-2980284681-503 - Limited - Disabled)
Gast (S-1-5-21-2426455433-2531843764-2980284681-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2426455433-2531843764-2980284681-1002 - Limited - Enabled)
mikelsoft (S-1-5-21-2426455433-2531843764-2980284681-1000 - Administrator - Enabled) => C:\Users\mikelsoft

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Acronis True Image (HKLM-x32\...\{43B5FB0A-9900-43B0-BD46-9E7F89C88A98}Visible) (Version: 19.0.6571 - Acronis)
Acronis True Image (x32 Version: 19.0.6571 - Acronis) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{B0B387B2-B1E4-43F2-961D-08ABFD759E1A}) (Version: 12.1.9.160 - Adobe Systems, Inc)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1893, 06.04.2017 - AIMP DevTeam)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.4.0 - Sereby Corporation)
Amazon.com Kindle Fire (HKLM\...\Kindle Fire Drivers) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{AEC70A45-D98B-C34A-F1DC-CA46F2D46F5E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANNO 2205 Gold Edition MULTi2 1.0 (HKLM-x32\...\ANNO 2205 Gold Edition MULTi2 1.0) (Version:  - )
Ansel (Version: 381.65 - NVIDIA Corporation) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.11 - Arduino LLC)
Assassin's Creed Syndicate Gold Edition Incl. Update 4 MULTi2 1.4 (HKLM-x32\...\Assassin's Creed Syndicate Gold Edition Incl. Update 4 MULTi2 1.4) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2292 - AVAST Software)
AVR Burn-O-Mat 2.1.2 (HKLM-x32\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
AVRDUDESS 2.4 (HKLM-x32\...\{B6EAF03F-3DB3-4170-A4B0-B7007AAD6D0C}_is1) (Version: 2.4 - Zak Kemble)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
calibre (HKLM-x32\...\{DCB4A686-C75A-4F07-A5AE-00A4A618CE81}) (Version: 2.52.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Civilization VI Digital Deluxe Edition MULTi2 1.0 (HKLM-x32\...\Civilization VI Digital Deluxe Edition MULTi2 1.0) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Cura 15.04.6 (HKLM-x32\...\Cura_15.04.6) (Version:  - )
Cura 2.3 (HKLM-x32\...\Cura 2.3) (Version: 2.3.1 - Ultimaker)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.6.4 - CM&V)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry 4 Complete Edition MULTi2 1.10.0 (HKLM-x32\...\Far Cry 4 Complete Edition MULTi2 1.10.0) (Version:  - )
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.6.909 - Foxit Software Inc.)
FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HDIPCamera V1.0.1.2 (HKLM-x32\...\HDIPCamera_is1) (Version:  - HDIPCamera)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HM-1X_Aid_v01 (HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\eb209edbb3db51c1) (Version: 1.0.0.13 - HM-1X_Aid_v01)
iSpy (64 bit) (HKLM\...\{4C5C6F38-E560-4A88-8F68-735D7A258F28}) (Version: 6.5.1.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{122ec9b4-1264-45d8-b64c-b73493549025}) (Version: 6.5.1.0 - DeveloperInABox)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Kodi (HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\Kodi) (Version:  - XBMC-Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Mailbird (HKLM-x32\...\{AE431B8C-3B05-48D8-8F50-CAA7BFAB2A17}) (Version: 2.1.12 - Mailbird)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 11.0.544 - Autodesk, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7870.2038 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
MKVToolNix 9.8.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 9.8.0 - Moritz Bunkus)
moDiag 2.8.602 (HKLM-x32\...\moDiag_is1) (Version: 2.8.602 - Matthias Tieben)
Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
MQTT.fx 1.1.0 (HKLM\...\8748-4522-6208-1131) (Version: 1.1.0 - Jens Deters)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
Nmap 7.40 (HKLM-x32\...\Nmap) (Version: 7.40 - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Npcap 0.78 r5 (HKLM-x32\...\NpcapInst) (Version: 0.78 r5 - Nmap Project)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Ihr Firmenname)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7967.2035 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2035 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Kakao Corp.)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
PuTTY release 0.65 (HKLM-x32\...\PuTTY_is1) (Version: 0.65 - Simon Tatham)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7487 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM-x32\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
rebox.NET 2.9.9.3 (HKLM-x32\...\{02846029-D5BA-4504-96B2-2BD844FE3AAF}_is1) (Version: 2.9.9.3 - clone.AD)
Repetier-Host GEEEtech Version 0.90D (HKLM-x32\...\{97593A53-AD51-459B-AA1A-F9ADC826A177}_is1) (Version: 0.90D - )
Repetier-Host Version 1.6.2 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 1.6.2 - repetier)
Repetier-Server (HKLM-x32\...\Repetier-Server) (Version: 0.80.2 - Hot-World GmbH & Co. KG)
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25.05.2015) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 7.2.0 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 7.2.0 - Shark007)
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Simplify3D Software (HKLM\...\Simplify3D Software 3.0.0) (Version: 3.0.0 - Simplify3D)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{95DC2B0B-2FE2-4574-B90D-0C3F70A1D67A}) (Version: 7.16.0.22 - Skype Technologies S.A.)
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
SmartRF Flash Programmer (1.12.7)  (HKLM-x32\...\{2FDA5019-C2D2-43B9-975C-025DD428D9EB}) (Version: 1.12.7.0 - Texas Instruments)
SmartRF Flash Programmer 2 (HKLM-x32\...\Texas Instruments Flash Programmer 2) (Version: 1.7.2 - Texas Instruments)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Tftpd32 Standalone Edition (remove only) (HKLM-x32\...\Tftpd32) (Version:  - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.17 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.5.0 - Moonware Studios)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows-Treiberpaket - Amazon.com (WinUSB) KindleFireUsbDeviceClass  (12/03/2012 1.3.1000.00000) (HKLM\...\1AE83188214F7A553BC5B719D4D7F6AACB767195) (Version: 12/03/2012 1.3.1000.00000 - Amazon.com)
Windows-Treiberpaket - Silicon Laboratories Inc. (silabser) Ports  (11/20/2015 6.7.2.200) (HKLM\...\F189C013BFD9D0C73BEC97AD2CFF0CF7CAD1E670) (Version: 11/20/2015 6.7.2.200 - Silicon Laboratories Inc.)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 34.11.2016.27 - Ruiware)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.9.4 (HKLM-x32\...\winscp3_is1) (Version: 5.9.4 - Martin Prikryl)
Wireshark 2.2.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.5 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Tanks (HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XArp 2.2.2 (HKLM-x32\...\XArp) (Version: 2.2.2 - Christoph Mayer)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2426455433-2531843764-2980284681-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\mikelsoft\AppData\Local\SkypePlugin\7.16.0.22\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2426455433-2531843764-2980284681-1000_Classes\CLSID\{DAE9308A-E672-4D4C-B8D9-996CDF4D30E9}\InprocServer32 -> C:\Users\mikelsoft\AppData\Local\SkypePlugin\7.16.0.22\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2426455433-2531843764-2980284681-1000_Classes\CLSID\{FE953B23-7D14-4905-9A67-B77389FBA857}\localserver32 -> C:\Users\mikelsoft\AppData\Local\SkypePlugin\7.16.0.22\GatewayVersion-x64.exe (Skype Technologies S.A.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {015F2602-7150-44F3-B820-90B355558F02} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {01EACFA5-C518-4320-9523-BB427BAC5E4A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {0C0F73EC-4A9B-4BE8-AA4C-2655C9893F82} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {12D505AD-B900-478F-84A6-7C9BA96B09B2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {209DCC0C-404B-47CF-A91C-7A50045779E9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-07] (AVAST Software)
Task: {24ACD6C6-F36B-4576-B822-9CF0819FC2D1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {29AAD200-35BC-4B44-B69B-E66E02967398} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2FC245B5-48B8-4A8E-B0C6-0FCFDBE42A3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {308D9D69-9E50-4C2B-9FD1-F42E92485F28} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {33C22225-27F6-4C01-9E28-21A581354D0D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {384C0BE6-BFFC-4DD6-AE12-6ACEE49C11C1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3DF347B6-E697-4E81-995C-A151E8B2A369} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {4967D45F-7575-446A-97B0-F4F505D3826C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {4A97A12A-71EF-4EC3-9B50-733BC443DBE9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {52884FEB-9414-48BB-926C-9BD585D4390E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation)
Task: {6C5EA6A7-F8F3-43B5-89D7-9E44A3CA09A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {6F21EF3C-0198-4882-9C72-15D14AEB8EFF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-06] (Microsoft Corporation)
Task: {713A0767-5A62-407B-84EC-1662C9BEB96A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-18] (Microsoft Corporation)
Task: {7CEFFABF-F79D-4CDA-8063-0A15FC3A508E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7E5F74D8-647F-4F2E-AACA-CDDC2E31CD08} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {8098DD3F-B1E5-4DCB-A8D1-4B05CBD9BC1C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {8AAA1F7E-2257-4CA1-849D-63C0EF0C4555} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8ACBB2EF-C1EB-48A7-98A5-66183A5F5826} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-20] (Adobe Systems Incorporated)
Task: {9906A2F9-D39F-47DE-BFF2-87090A8F179A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-18] (Microsoft Corporation)
Task: {AA46B525-D42F-4F21-B6FA-C7A9E238F5A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {ADD445B8-0BB8-49D6-9E95-7FFB55D3C60E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {B3957B0E-92F0-4042-A123-10A34F112EEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {B45304CA-5C7C-407B-8D5E-DEAE74E7D403} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B7C27B13-9639-48F6-AC8D-AB23EB378410} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {B83A1B53-256E-4657-A370-D6DC383D51F6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation)
Task: {C191C181-598B-4A8C-A74F-17A25702D80C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {C47AD337-FF98-4603-A1AB-D0826C5E7E83} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-18] (AVAST Software)
Task: {C7BD16E1-DAB8-4CAE-8B40-D96F29DA209F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-06] (Microsoft Corporation)
Task: {C8BDD622-D32B-4980-B489-488CDFC04CA9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {D986E512-8B40-42F2-AA79-2EA7398EF0B3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DAE98566-0B36-4680-8943-DFBA1DC80248} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {DD987128-1781-4954-A1F6-A64BAA44933A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DF7409A3-2CE7-4665-892D-A92FEFFE34BE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DFEB0ABD-1D74-4A66-84BA-2809693C12FB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {E5A8DA4A-2274-4F7B-8B10-814C6A6BAC90} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {EAF3F617-0739-425B-8498-8206E9E0FC33} - System32\Tasks\SafeZone scheduled Autoupdate 1458758872 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {EDF96E8C-5192-49F7-9F05-AD3D7C9D657A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {FC80BB6E-FF58-4ECF-B9E7-0C3413ED8018} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Advanced REST client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo
ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Codebender App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-06 12:06 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2016-05-13 16:30 - 2017-03-17 15:49 - 00020208 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2015-07-15 21:39 - 2015-07-15 21:39 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2016-05-10 16:51 - 2016-05-10 16:51 - 01195840 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-11-04 16:03 - 2016-11-04 16:03 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-05-05 14:13 - 2016-02-16 11:04 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2017-04-07 18:50 - 2017-04-18 16:59 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-07 18:50 - 2017-04-18 16:59 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-10-06 12:07 - 2014-11-26 13:07 - 00118576 _____ () C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2016-11-27 17:53 - 2016-11-27 17:53 - 05940584 _____ () C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe
2017-04-18 16:53 - 2017-03-28 05:32 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-16 13:56 - 2016-04-16 13:56 - 09698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2017-04-18 16:52 - 2017-04-01 04:10 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-11-24 19:23 - 2012-01-20 15:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-11-24 19:23 - 2012-01-29 17:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 16:35 - 2016-05-10 16:35 - 00037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2016-05-10 16:36 - 2016-05-10 16:36 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-05-10 16:31 - 2016-05-10 16:31 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 00993168 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 00175968 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 00225328 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-04-07 18:08 - 2017-04-07 18:08 - 00293424 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2013-03-12 18:10 - 2017-03-10 02:13 - 00674592 _____ () H:\Steam\SDL2.dll
2015-01-20 12:32 - 2016-09-01 03:02 - 04969248 _____ () H:\Steam\v8.dll
2014-05-22 11:18 - 2017-04-26 01:55 - 02465056 _____ () H:\Steam\video.dll
2015-01-20 12:32 - 2016-09-01 03:02 - 01563936 _____ () H:\Steam\icui18n.dll
2015-01-20 12:32 - 2016-09-01 03:02 - 01195296 _____ () H:\Steam\icuuc.dll
2014-08-29 14:45 - 2016-01-27 09:49 - 02549760 _____ () H:\Steam\libavcodec-56.dll
2014-08-29 14:45 - 2016-01-27 09:49 - 00491008 _____ () H:\Steam\libavformat-56.dll
2014-08-29 14:45 - 2016-01-27 09:49 - 00332800 _____ () H:\Steam\libavresample-2.dll
2014-08-29 14:45 - 2016-01-27 09:49 - 00442880 _____ () H:\Steam\libavutil-54.dll
2014-08-29 14:45 - 2016-01-27 09:49 - 00485888 _____ () H:\Steam\libswscale-3.dll
2011-11-12 16:04 - 2017-04-26 01:55 - 00848672 _____ () H:\Steam\bin\chromehtml.DLL
2016-03-10 04:13 - 2016-07-05 00:17 - 00266560 _____ () H:\Steam\openvr_api.dll
2017-04-18 16:53 - 2017-03-28 05:32 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-04-29 11:13 - 2017-04-19 06:04 - 02864984 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libglesv2.dll
2017-04-29 11:13 - 2017-04-19 06:04 - 00087384 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libegl.dll
2017-04-18 16:53 - 2017-03-21 06:27 - 02442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-04-18 16:53 - 2017-03-21 06:27 - 00363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-04-18 16:53 - 2017-03-21 06:27 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-04-18 16:53 - 2017-03-21 06:27 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-04-18 16:53 - 2017-03-21 06:27 - 00469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-04-18 16:53 - 2017-03-21 06:27 - 00571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2015-10-05 22:49 - 2012-07-08 16:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2016-12-13 19:31 - 2017-01-30 23:41 - 68875552 _____ () H:\Steam\bin\cef\cef.win7\libcef.dll
2016-05-10 17:25 - 2016-05-10 17:25 - 00759896 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll
2016-05-10 17:21 - 2016-05-10 17:21 - 20582752 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:C68DE4A3 [215]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-11-12 15:31 - 00001026 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2426455433-2531843764-2980284681-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{05EB6A26-C596-4FE1-85F9-DDFF4FDC7D75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{575FE5C2-25E4-4EBC-A544-12CC7C34F1D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F335BB6A-36EA-4C36-913B-A564FB4D70AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF7E5A6A-4D89-451D-9838-A2EF7A5502B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E5695BA9-D7A4-44A0-9BE7-05A8983F8AAF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{C7B16E46-E110-47D2-B26B-D55785370D31}] => (Allow) LPort=1688
FirewallRules: [{285DF09D-6ABA-4F29-8F84-547492F9F6F9}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBViewer.exe
FirewallRules: [UDP Query User{E34ED9AD-497A-4E57-A416-92A3FF8377BF}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [TCP Query User{C58BF7AD-A4C9-4084-8DDE-5325AEF30872}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [UDP Query User{34B71CFD-038F-44A5-88B8-D27E8582A906}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{06739CFE-0FB3-44BF-ACA6-5AD874307497}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{4B940BB7-DC25-4607-B831-B3DB660C83B8}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{74646DC5-A16D-43D4-A55F-A4CD6BCD4F9D}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F890B938-A328-4B90-9087-9E93C910B11D}] => (Allow) C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{D4C4362B-44EC-4C0D-9B4C-100EEAC0AFDE}] => (Allow) C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{19B19697-29D0-4959-A1F8-D3A2B2243C3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A4064ED5-685A-4BEA-BCFE-34972E24F742}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{62F01655-24D4-40DE-B1B9-90F8DD9696EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0A55D341-CE44-46A5-B698-1DE482BE84B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A39F7FD2-C9A4-4EE5-806F-F713EAAF71E8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{4C1B2E92-ED3F-4E4D-9296-324947578E4A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [UDP Query User{179DD3AC-1A9C-4EE3-9E9F-5EC013019181}F:\programme\far cry 4\bin\farcry4.exe] => (Allow) F:\programme\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{FA388D6B-C675-43F8-90C9-A287D71AD517}F:\programme\far cry 4\bin\farcry4.exe] => (Allow) F:\programme\far cry 4\bin\farcry4.exe
FirewallRules: [{3AD08EE2-AC52-4AD0-A414-AA745C9C9955}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{90A31AD4-3900-44CC-AC80-0748B9A31D91}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{02ECFD28-CC96-47DA-A74C-DB0DCABA18C3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{246F0A04-6553-485C-91FE-D2F60A0A45A8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{1AB48EA0-309E-403D-9E3B-01E085037485}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{A12E98EA-53D3-49AA-8C06-6C35C70E0CB9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{1010E349-42A8-4B27-8E45-696BD5A4822B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{2612FF95-3C34-4FF3-80AB-3B0DCF8F4DC8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9B9FACA9-2999-4A61-B8DF-334CDBC9C997}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{70530F99-F3A4-46D9-9E5F-BBEF0FC233D8}] => (Allow) C:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5E2BF67E-21AF-4EDA-BC90-0405B3F5596F}] => (Allow) C:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{769490B6-D3A0-4B7B-B893-3B48BFC2F177}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5EA86DE-D2CB-4139-BE6B-59D9858808ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF3DA69A-2070-47C9-94FC-60F387215877}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{F3A50482-FD48-4861-87B4-640C193CDF36}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{80223F42-919F-4E21-852E-9BFBD7558449}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
FirewallRules: [{70E62D76-7243-4874-90C9-C9A6973D8997}] => (Allow) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
FirewallRules: [UDP Query User{64CAEF65-DCF1-4174-8455-5AE6C5CBF296}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [TCP Query User{03B129F5-0A06-48AD-A64A-470A5C1426FF}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{BBF69616-F40D-4E9C-929F-49580C61DE4C}] => (Allow) H:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{E82F3CAC-7FBF-4942-97D6-E4DC4F52F2DC}] => (Allow) H:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{7B413DEC-34A0-4620-8D90-305250DA8946}] => (Block) H:\Programme\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{F9C4FE55-7AE0-4F43-8A45-72C4DC1F5E57}] => (Allow) H:\Steam\SteamApps\common\skyrim\skse_steam_boot.exe
FirewallRules: [{4B39B2CE-557B-41D3-9C67-EC8F1572FF3B}] => (Allow) H:\Steam\SteamApps\common\skyrim\skse_steam_boot.exe
FirewallRules: [{B4A9668D-B483-4C5F-8E9E-6C31042142C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{854E7F1A-63A7-495A-A861-7519836C068B}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{82193AAD-21FD-43AC-B320-0488C7D72D10}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C6DD7BD8-5533-4A24-BCAA-363BF3376987}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{6AF83680-2CA8-4BA9-B44E-9335AE8CAD34}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{755EED44-2834-4738-8EFA-837774271A22}] => (Block) H:\Programme\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [UDP Query User{8ABF5945-CE77-4D0E-B52D-900E2E5D87FB}F:\programme\grand theft auto v\gta5.exe] => (Allow) F:\programme\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{61D83F1F-A676-4C34-9DF3-5A44A27F7FC7}F:\programme\grand theft auto v\gta5.exe] => (Allow) F:\programme\grand theft auto v\gta5.exe
FirewallRules: [{F619A1E7-576F-497B-BBBE-E5AEA6632354}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{EC854981-EE73-4328-841B-AC4B219C0397}] => (Allow) C:\Users\mikelsoft\AppData\Local\Temp\InsC668\Setup.exe
FirewallRules: [{D03839A9-FDDC-4830-9879-73C2A2D04492}] => (Allow) C:\Users\mikelsoft\AppData\Local\Temp\InsC668\Setup.exe
FirewallRules: [{75DDD4C2-C336-4F96-B705-2B5ACAE16E22}] => (Allow) C:\Users\mikelsoft\AppData\Local\Temp\InsC668\Setup.exe
FirewallRules: [{E125BEAD-63BD-429C-AE0E-D79FDCAAE070}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3253A75F-E5A2-4DD6-AE0C-AFD278CC8B06}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7B11C79D-FAD7-4538-B261-351120724AD0}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [UDP Query User{8E6503F4-4C8F-402B-957B-02819606F198}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [TCP Query User{E9322357-83A0-4F2B-B21F-C807FD990966}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{13593669-8B08-4DBF-825C-0AE9EF602A41}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{42326519-AF6B-4D86-B12C-CA217F6BA478}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe
FirewallRules: [{12CF3819-6AA7-40A6-A8CE-DC9E51CDA8D4}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe
FirewallRules: [TCP Query User{CD6A80CB-C7BD-4EC9-8E2F-5AD35DA4967F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{AD64D56C-27C7-4BD6-8708-64426D12DF0F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{8446DE49-5CC8-4364-ABCC-37FDECFF14B1}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{751CB134-8F94-41C2-B87D-710A55E63D67}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{CF3F759F-A6C2-48CB-B2AE-A0C3FD429D1E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{A1AD5D87-0E59-4DFF-83BE-7EBB1F2F8E28}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{F1DD4809-C173-4B53-B467-13E61068BE2A}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{07615E01-A7ED-4D71-8542-903D6AB1F021}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{8524E56C-E64D-47EA-90D6-06D21BEBB30A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5381F977-2AB2-4CCB-863A-307F60AF9190}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{F616A003-834D-463E-9886-6BCD01C95205}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe
FirewallRules: [UDP Query User{8F4F8AF7-C6D3-4DAC-B591-4D66E3A305C3}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe
FirewallRules: [TCP Query User{C723395C-FAD9-455F-829A-329FE89639B0}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [UDP Query User{036060BE-3CD3-4CE3-8494-C084810D0D5B}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [TCP Query User{98E2D91A-1402-474E-B270-848294829C1E}C:\program files (x86)\tftpd32\tftpd32.exe] => (Allow) C:\program files (x86)\tftpd32\tftpd32.exe
FirewallRules: [UDP Query User{AD5D99C4-0D17-45A3-8CF0-4411ED058EB9}C:\program files (x86)\tftpd32\tftpd32.exe] => (Allow) C:\program files (x86)\tftpd32\tftpd32.exe
FirewallRules: [{8D7EBA70-196E-4774-9A68-033FF6E9FC44}] => (Allow) %ProgramFiles% (x86)\Tftpd32\tftpd32.exe
FirewallRules: [{370AB302-580E-4A79-AEB9-F59A6436003F}] => (Allow) %ProgramFiles% (x86)\Tftpd32\tftpd32.exe
FirewallRules: [{34005C4C-4BFD-455C-B830-23EF57275B81}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBViewer.exe
FirewallRules: [TCP Query User{83150398-5998-41C8-BB09-D848CCCB8961}H:\ts2015\railworks.exe] => (Allow) H:\ts2015\railworks.exe
FirewallRules: [UDP Query User{0920C755-60A1-4DF2-AAF6-A264E8EE795A}H:\ts2015\railworks.exe] => (Allow) H:\ts2015\railworks.exe
FirewallRules: [{09F31B63-83D6-4B37-A16B-3DE122D2D345}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{7B582961-1490-4223-850C-EEB744671485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{87C304CD-E375-42E9-AA7E-E2C74D3A9DD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{38B6FB8D-12B2-4630-8650-20B5D86A8CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{543BC8D1-CF35-4437-B2F2-AFF387312E91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82956C84-F9D5-4DF8-B4D6-BBC2FF6B3CE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1047DCE0-C38A-496A-87EA-0A6E5E14640F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

18-04-2017 17:30:04 Geplanter Prüfpunkt
29-04-2017 11:15:09 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2017 11:37:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "D:\My downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (04/29/2017 11:37:25 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "\\MIKELSOFT-PC\MyDownloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (04/29/2017 11:35:14 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{41FD88F7-F295-4D39-91AC-A85F3149A05B}" wurde abgelehnt.

Error: (04/29/2017 11:29:57 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{41FD88F7-F295-4D39-91AC-A85F3149A05B}" wurde abgelehnt.

Error: (04/29/2017 11:25:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.15063.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12f4

Startzeit: 01d2c0ca2974b8a1

Beendigungszeit: 0

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: b020ed4f-2047-4534-8e54-998040a551d1

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/29/2017 11:23:59 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{41FD88F7-F295-4D39-91AC-A85F3149A05B}" wurde abgelehnt.

Error: (04/29/2017 11:23:56 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_EXPIRED.

Error: (04/29/2017 11:16:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.15063.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d94

Startzeit: 01d2b92b3336294f

Beendigungszeit: 22299

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: ab6c5941-2197-40cb-af5e-071783391d4e

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/29/2017 11:16:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZENTIS)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 11:05:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompanionApp.exe, Version: 10.1609.1609.12001, Zeitstempel: 0x57d67860
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.15063.0, Zeitstempel: 0x72781892
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000004430af
ID des fehlerhaften Prozesses: 0x3730
Startzeit der fehlerhaften Anwendung: 0x01d2b9dbba0b512a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: ee6a4995-38e2-4bec-b8fc-dee968b937e6
Vollständiger Name des fehlerhaften Pakets: Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CompanionApp.App


Systemfehler:
=============
Error: (04/29/2017 07:50:52 PM) (Source: DCOM) (EventID: 10016) (User: ZENTIS)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Zentis\mikelsoft" (SID: S-1-5-21-2426455433-2531843764-2980284681-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 und der APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 im Anwendungscontainer "Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe" (SID: S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/29/2017 11:44:12 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (04/29/2017 11:32:28 AM) (Source: DCOM) (EventID: 10016) (User: ZENTIS)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Zentis\mikelsoft" (SID: S-1-5-21-2426455433-2531843764-2980284681-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 und der APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 im Anwendungscontainer "Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe" (SID: S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/29/2017 11:23:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/29/2017 11:23:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/29/2017 11:23:25 AM) (Source: DCOM) (EventID: 10016) (User: ZENTIS)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Zentis\mikelsoft" (SID: S-1-5-21-2426455433-2531843764-2980284681-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 und der APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 im Anwendungscontainer "Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe" (SID: S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/29/2017 11:22:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (04/29/2017 11:15:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2017 11:04:52 AM) (Source: DCOM) (EventID: 10016) (User: ZENTIS)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Zentis\mikelsoft" (SID: S-1-5-21-2426455433-2531843764-2980284681-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 und der APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 im Anwendungscontainer "Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe" (SID: S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/20/2017 09:55:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5


CodeIntegrity:
===================================
  Date: 2017-04-07 20:48:41.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-07 20:48:40.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-07 20:48:34.534
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-07 20:48:33.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-07 20:48:30.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-07 20:48:30.481
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16340.73 MB
Verfügbarer physikalischer RAM: 12887.02 MB
Summe virtueller Speicher: 32724.73 MB
Verfügbarer virtueller Speicher: 28570.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:236.8 GB) (Free:17.63 GB) NTFS
Drive d: () (Fixed) (Total:228.96 GB) (Free:15.75 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Lokaler Datenträger) (Fixed) (Total:465.66 GB) (Free:98.86 GB) NTFS
Drive g: () (Fixed) (Total:138.31 GB) (Free:19.06 GB) NTFS
Drive h: (Volume) (Fixed) (Total:793.2 GB) (Free:62.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 19294146)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=604 GB) - (Type=05)
Partition 4: (Not Active) - (Size=793.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7CE96DF0)
Partition 1: (Active) - (Size=229 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=236.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 29.04.2017, 20:24   #9
inesa394
 

Computer 2 FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2017
durchgeführt von mikelsoft (Administrator) auf MIKELSOFT-PC (29-04-2017 19:48:28)
Gestartet von C:\Users\mikelsoft\Desktop
Geladene Profile: mikelsoft (Verfügbare Profile: mikelsoft & Acronis Agent User & fhem & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1703 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igfxCUIService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
() C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
() C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe
() C:\Program Files\No-IP\ducservice.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(AMD) C:\Windows\System32\atieclxx.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
() C:\Program Files\No-IP\DUC40.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBVCtrl.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(rejetto) G:\download\hfs285.exe
(Crystal Dew World) C:\systemtest\CrystalDiskInfo6_5_2\DiskInfo.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(CM & V) C:\Program Files\DVBViewer\DVBVservice.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() G:\Deluge\deluge.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBViewer.exe
() C:\Program Files\DVBViewer\Plugins\EPGplus.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_be549efe47bbc296\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [589104 2017-04-08] ()
HKLM\...\Run: [FileZilla Server Interface] => C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (FileZilla Project)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [PowerDVD16Agent] => C:\Program Files\CyberLink\PowerDVD16\PowerDVD16Agent.exe [516296 2016-03-14] (CyberLink Corp.)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-02-14] (Acronis International GmbH)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5110240 2017-04-08] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8156672 2017-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4360392 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr Inc\Raptr\raptrstub.exe [58584 2017-02-01] (Raptr, Inc)
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Run: [NoIPDUCv4] => C:\Program Files\No-IP\DUC40.exe [346624 2014-05-03] ()
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Run: [DVBV Service Ctrl] => C:\Program Files\DVBViewer\DVBVCtrl.exe [84120 2016-11-14] (CM&V Hackbart)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk [2014-12-16]
ShortcutTarget: Deluge.lnk -> G:\Deluge\deluge.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GSB_Script_AllinOne.ahk [2014-12-27] ()
Startup: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HFS.lnk [2015-01-01]
ShortcutTarget: HFS.lnk -> G:\download\hfs285.exe (rejetto)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Windows\system32\wlidnsp.dll [43008 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Windows\system32\wlidnsp.dll [43008 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{60df89d1-1065-4913-84d6-e1accae2cad5}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{d007382c-8e5a-4211-a963-c95fb310769c}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> ist aktiviert.
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.11.0.0_neutral__c1wakc4j0nefm [2017-02-17]
Edge Extension: (Pin It Button) -> EdgeExtension_PinterestPinItButton_xnkra2w3aecd0 => C:\Program Files\WindowsApps\Pinterest.PinItButton_1.39.5.0_neutral__xnkra2w3aecd0 [2016-10-03]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2016-10-13]
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1608.26.0_neutral__343d40qqvtj1t [2016-10-03]

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default [2017-04-29]
FF Homepage: Mozilla\Firefox\Profiles\sm15rvc6.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\sm15rvc6.default -> ist aktiviert.
FF Extension: (Forecastfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-05-10]
FF Extension: (Flagfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-04-19]
FF Extension: (PDF Download) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-27]
FF Extension: (Gmail Manager) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2016-05-10]
FF Extension: (Download Status Bar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-09-27]
FF Extension: (NoScript) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-22]
FF Extension: (ImTranslator) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-01-07]
FF Extension: (WOT) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: (Video DownloadHelper) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Download Statusbar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2016-05-10]
FF Extension: (Tab Mix Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-15]
FF SearchPlugin: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\suche.xml [2014-01-22]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-08-22] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f056386a-ace8-4385-b788-b001646a9ec1&searchtype=hp&installDate=20/05/2013","hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1438291744&z=835a089035872680a155b5eg1zfcbb0odtdofe7oeq&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.istartsurf.com/?type=hppp&ts=1438291805&z=396efe5531988c07fea5102g8z3c4bfo6t8o8e4beb&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.google.com"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default [2017-04-27]
CHR Extension: (Google*Übersetzer) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-03-17]
CHR Extension: (Google Präsentationen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (h264ify) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-08-17]
CHR Extension: (Google Docs) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-17]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-19]
CHR Extension: (TV) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-01-23]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-31]
CHR Extension: (YouTube) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-17]
CHR Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-31]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-01-23]
CHR Extension: (Adblock für Youtube™) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-04-23]
CHR Extension: (Google-Suche) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-17]
CHR Extension: (XJZ Survey Remover) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh [2015-01-23]
CHR Extension: (Google Tabellen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Uhr) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (AdBlock) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-23]
CHR Extension: (In Google Drive speichern) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-01-23]
CHR Extension: (Google Play Music) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-08-17]
CHR Extension: (Chrome to Mobile) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2015-01-23]
CHR Extension: (Dropbox) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-08-02]
CHR Extension: (Yahoo Partner) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2017-03-19]
CHR Extension: (Erweiterte Startseite) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2015-08-02]
CHR Extension: (Google Maps) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-03-17]
CHR Extension: (Codebender App) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\magknjdfniglanojbpadmpjlglepnlko [2016-08-17]
CHR Extension: (Google Mail-Checker) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-23]
CHR Extension: (Radio Receiver) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\miieomcelenidlleokajkghmifldohpo [2016-08-17]
CHR Extension: (Downloads) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-31]
CHR Extension: (Picasa) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-01-23]
CHR Extension: (Google Mail) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-23]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcronisActiveProtectionService; C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [1492904 2017-03-24] (Acronis International GmbH)
S3 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [1914768 2010-11-30] (Acronis)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [1060328 2017-04-08] ()
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-04-19] ()
R2 BubbleUPnP Server; C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe [420352 2014-07-24] () [Datei ist nicht signiert]
S4 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\IntelCpHeciSvc.exe [284112 2016-08-27] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\IntelCpHDCPSvc.exe [359888 2016-08-27] (Intel Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
S2 DMS; C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe [4638352 2010-11-30] (Acronis)
R2 DVBVRecorder; C:\Program Files\DVBViewer\DVBVservice.exe [867992 2016-11-14] (CM & V)
S3 Emby; C:\Users\mikelsoft\AppData\Roaming\Emby-Server\system\MediaBrowser.ServerApplication.exe [148448 2017-04-22] ()
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (FileZilla Project)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igfxCUIService.exe [261072 2016-08-27] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [737576 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 mmsminisrv; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [4795288 2017-02-13] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files\Acronis\TrueImageHome\mobile_backup_status_server.exe [1617520 2017-04-08] ()
R2 NoIPDUCService4; C:\Program Files\No-IP\ducservice.exe [11776 2014-05-03] () [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [33080 2015-08-04] (The OpenVPN Project)
R2 PlaysService; C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7014728 2017-03-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [55808 2015-02-17] (Code Sector) [Datei ist nicht signiert]
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3458952 2012-05-29] (RealVNC Ltd)
S3 w7Svc; C:\Program Files\webcam 7\wService.exe [5256512 2013-11-29] (Moonware Studios) [Datei ist nicht signiert]
S3 wampapache; c:\wamp\bin\apache\apache2.4.23\bin\httpd.exe [26112 2016-07-01] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [842752 2017-03-18] (Microsoft Corporation)
S4 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]
S2 AMD FUEL Service; "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService [X]
S4 RemShutDownSvc; C:\Windows\System32\remsdnsv.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [17608 2016-02-26] (Advanced Micro Devices, Inc.)
S0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices)
S0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices)
S3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R3 BthLEEnum; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [78848 2017-03-18] (Microsoft Corporation)
R3 DDBaseNg; C:\WINDOWS\system32\DRIVERS\DDBaseNg.sys [70528 2017-01-17] (Digital Devices GmbH)
R3 DDCapture; C:\WINDOWS\system32\DRIVERS\DDCapture.sys [14848 2017-01-17] (Digital Devices GmbH)
R3 DDTuner; C:\WINDOWS\system32\DRIVERS\DDTuner.sys [192384 2017-01-17] (Digital Devices GmbH)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-10] (Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [367448 2017-04-19] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [284504 2017-04-19] (Acronis International GmbH)
S3 HWiNFO32; C:\Users\mikelsoft\AppData\Local\Temp\HWiNFO32.SYS [23840 2017-04-22] (REALiX(tm)) <==== ACHTUNG
S3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igdkmd32.sys [9666512 2016-08-27] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [46584 2015-12-07] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [37880 2015-12-07] (Intel Corporation)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [220088 2017-04-27] (Malwarebytes)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [177760 2016-09-22] (Intel Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [795656 2016-08-23] (Realtek                                            )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [23040 2014-11-05] (The OpenVPN Project)
R3 teamviewervpn; C:\WINDOWS\System32\drivers\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [828248 2017-04-19] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [166232 2017-04-19] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [472920 2017-04-19] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [248664 2017-04-19] (Acronis International GmbH)
R1 vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [24504 2016-03-14] (CyberLink Corp.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [26824 2014-08-12] (CyberLink Corp.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 19:48 - 2017-04-29 19:48 - 00031296 _____ C:\Users\mikelsoft\Desktop\FRST.txt
2017-04-27 17:24 - 2017-04-27 17:22 - 01663672 _____ (Malwarebytes) C:\Users\mikelsoft\Desktop\JRT.exe
2017-04-27 17:14 - 2017-04-27 17:14 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\325A2073.sys
2017-04-27 17:09 - 2017-04-27 17:09 - 00001264 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-27 17:09 - 2017-04-27 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-27 17:09 - 2017-04-27 17:09 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-27 17:09 - 2017-04-27 16:57 - 04102600 _____ C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
2017-04-27 17:09 - 2017-04-27 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\mikelsoft\Desktop\OTL.exe
2017-04-26 20:12 - 2017-04-26 20:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Xbmccustomregis
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\WINDOWS\ShellNew
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\Program Files\AutoHotkey
2017-04-26 16:56 - 2017-04-26 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-04-23 14:31 - 2017-04-23 14:31 - 00000000 ____D C:\Program Files\DigitalDevices
2017-04-22 19:07 - 2017-04-22 19:07 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Emby
2017-04-22 19:07 - 2017-04-22 19:07 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Emby-Server
2017-04-22 19:06 - 2017-04-22 19:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Emby-InstallLogs
2017-04-22 17:50 - 2017-04-22 17:50 - 00000000 ____D C:\wamp
2017-04-20 19:44 - 2017-03-18 20:18 - 00954600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winloadp.exe
2017-04-20 19:43 - 2017-04-01 02:38 - 05862296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnx.exe
2017-04-20 19:27 - 2017-04-20 19:27 - 00000000 ____D C:\Patch
2017-04-20 18:25 - 2017-04-20 19:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-20 17:26 - 2017-04-20 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-04-20 17:21 - 2017-04-20 17:21 - 00017310 _____ C:\WINDOWS\system32\results.xml
2017-04-20 17:20 - 2017-04-23 22:41 - 00000000 __SHD C:\Users\mikelsoft\IntelGraphicsProfiles
2017-04-20 16:53 - 2017-04-20 16:53 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-04-20 16:53 - 2017-04-20 16:53 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-04-20 16:52 - 2017-04-20 17:20 - 00000000 ____D C:\Intel
2017-04-20 16:09 - 2016-08-23 04:19 - 00795656 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x86.sys
2017-04-20 16:09 - 2016-08-23 04:19 - 00085616 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp32.dll
2017-04-20 16:07 - 2017-04-20 16:53 - 00000000 ____D C:\Program Files\Intel
2017-04-20 16:07 - 2017-04-20 16:08 - 00000000 ____D C:\ProgramData\Intel
2017-04-20 16:07 - 2017-04-20 16:07 - 00000000 ____D C:\Users\mikelsoft\Intel
2017-04-20 16:07 - 2017-04-20 16:07 - 00000000 ____D C:\Program Files\Common Files\PostureAgent
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\DAX3
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-04-20 16:06 - 2017-03-30 01:36 - 01279312 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo32.dll
2017-04-20 16:06 - 2017-03-30 01:36 - 00562416 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo32.dll
2017-04-20 16:06 - 2017-03-30 01:36 - 00390936 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 02800320 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 01400800 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 01074048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00860512 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo2.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00794792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00401040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00357152 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSXT.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00196008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSHD.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00183608 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP360.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00150552 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00144680 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00067744 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\TepeqAPO.dll
2017-04-20 16:06 - 2017-03-30 01:32 - 00232744 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp32.dll
2017-04-20 16:05 - 2017-04-20 16:09 - 00000000 ____D C:\Program Files\Realtek
2017-04-20 16:05 - 2017-04-20 16:07 - 00000000 ___HD C:\Program Files\Temp
2017-04-20 16:05 - 2017-03-30 01:34 - 03173736 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 02558352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApoApi.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00936608 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00911080 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00876400 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00740560 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00736936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00480792 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00225040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00083632 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00078480 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 03082024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 01531672 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 01313120 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00688224 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00645816 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00615864 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00471280 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00371808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00364016 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00363416 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00327944 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00316424 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00307232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT32.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00307232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA32.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00221904 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00214664 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00214664 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00200728 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00181224 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00116648 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00101616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00088272 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00074376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00071704 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes.dat
2017-04-20 16:05 - 2017-03-30 01:32 - 07170864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 07053688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 04397056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHDA.sys
2017-04-20 16:05 - 2017-03-30 01:32 - 04244224 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 02946560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSndMgr.cpl
2017-04-20 16:05 - 2017-03-30 01:32 - 02906624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkPgExt.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 02156032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoInstII.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01824912 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01512312 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01239800 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01225568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01104832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01024008 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00881152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00669584 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00402064 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00387616 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00367352 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00322056 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00285624 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00232416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA32.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229584 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229584 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229032 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00130296 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00101320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00096600 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00022152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR.dll
2017-04-20 16:05 - 2017-03-30 01:31 - 00197432 _____ C:\WINDOWS\system32\AcpiServiceVnA.dll
2017-04-20 16:05 - 2017-03-29 20:08 - 12733323 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-04-20 16:05 - 2017-03-29 20:08 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-04-20 16:05 - 2016-09-22 08:55 - 02839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2017-04-20 00:45 - 2017-04-20 00:45 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2017-04-20 00:31 - 2017-04-20 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2017-04-19 21:19 - 2017-04-19 21:19 - 00000000 ____D C:\Users\mikelsoft\Desktop\TrueImageReadme
2017-04-19 21:11 - 2017-04-19 21:11 - 00000000 ____D C:\Program Files\Bonjour
2017-04-19 21:10 - 2017-04-19 21:10 - 00367448 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2017-04-19 21:10 - 2017-04-19 21:10 - 00284504 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2017-04-19 21:10 - 2017-04-19 21:10 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2017-04-19 21:09 - 2017-04-19 21:09 - 00828248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib1192.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00472920 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00271704 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman2542.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00248664 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00166232 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00139096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2275.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2017-04-19 21:09 - 2017-04-19 21:09 - 00001232 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2017-04-19 21:09 - 2017-04-19 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-04-19 21:07 - 2017-04-19 22:14 - 00000000 ____D C:\ProgramData\Acronis
2017-04-19 20:52 - 2017-04-19 20:52 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\77665653.sys
2017-04-19 01:19 - 2017-04-19 01:19 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}
2017-04-19 01:13 - 2017-04-19 01:13 - 00002301 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 17.lnk
2017-04-19 01:13 - 2017-04-19 01:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 17
2017-04-19 01:06 - 2017-04-19 01:06 - 00000000 ____D C:\ProgramData\install_backup
2017-04-19 00:47 - 2017-04-19 00:47 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\CyberLink
2017-04-19 00:34 - 2017-04-19 00:34 - 00002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD.lnk
2017-04-19 00:34 - 2017-04-19 00:34 - 00002301 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 16.lnk
2017-04-15 12:32 - 2017-04-26 17:21 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-13 17:36 - 2017-04-13 17:36 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\DBG
2017-04-12 18:04 - 2017-04-12 18:04 - 00000320 _____ C:\Users\mikelsoft\Desktop\MyHarmony.appref-ms
2017-04-12 18:04 - 2017-04-12 18:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-12 18:04 - 2017-04-12 18:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Logitech
2017-04-12 18:03 - 2017-04-22 19:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Deployment
2017-04-12 00:00 - 2017-04-12 00:00 - 00000020 ___SH C:\Users\Acronis Agent User\ntuser.ini
2017-04-11 20:39 - 2017-04-01 02:57 - 01432296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-11 20:39 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-11 20:39 - 2017-04-01 02:57 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-11 20:39 - 2017-04-01 02:38 - 05862296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-11 20:39 - 2017-04-01 02:30 - 02023320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-11 20:39 - 2017-04-01 02:30 - 00341920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-11 20:39 - 2017-04-01 02:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-11 20:39 - 2017-04-01 02:29 - 00169376 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-11 20:39 - 2017-04-01 02:28 - 01520032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-11 20:39 - 2017-04-01 02:25 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 20:39 - 2017-04-01 02:25 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-11 20:39 - 2017-04-01 02:11 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-11 20:39 - 2017-04-01 02:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-11 20:39 - 2017-04-01 02:08 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-11 20:39 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-11 20:39 - 2017-04-01 02:02 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-11 20:39 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-11 20:39 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-11 20:39 - 2017-04-01 01:59 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-11 20:39 - 2017-04-01 01:58 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-11 20:39 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-11 20:39 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-11 20:39 - 2017-04-01 01:55 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-11 20:39 - 2017-04-01 01:54 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-11 20:39 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-11 20:39 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-11 20:39 - 2017-03-31 23:01 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-10 15:31 - 2017-04-10 15:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-10 15:27 - 2017-04-10 15:27 - 00000020 ___SH C:\Users\mikelsoft\ntuser.ini
2017-04-09 23:18 - 2017-04-09 23:18 - 00286624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-09 23:18 - 2017-03-17 22:45 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-04-09 23:18 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-04-09 23:18 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-04-09 23:17 - 2017-04-09 23:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-09 23:17 - 2017-04-09 22:35 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-09 23:15 - 2017-04-19 21:44 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\Program Files\MSBuild
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\inetpub
2017-04-09 23:14 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-09 23:14 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-09 23:14 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-09 22:56 - 2017-04-09 23:01 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2017-04-09 22:56 - 2017-04-09 23:01 - 00019053 _____ C:\WINDOWS\diagerr.xml
2017-04-09 22:49 - 2017-04-27 18:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-09 22:35 - 2017-04-09 22:35 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-09 22:34 - 2017-04-09 22:34 - 00000000 ____D C:\ProgramData\USOShared
2017-04-09 22:31 - 2017-04-09 22:31 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-04-09 22:30 - 2017-04-09 22:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-09 22:25 - 2017-04-27 19:01 - 02958494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-09 22:25 - 2017-04-26 19:39 - 00000000 ____D C:\Users\mikelsoft
2017-04-09 22:25 - 2017-04-20 16:04 - 00000000 ____D C:\ProgramData\AMD
2017-04-09 22:25 - 2017-04-12 00:00 - 00000000 ____D C:\Users\Acronis Agent User
2017-04-09 22:25 - 2017-04-09 22:47 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-09 22:25 - 2017-04-09 22:40 - 00000000 ____D C:\Users\fhem
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 ____D C:\Program Files\ATI Technologies
2017-04-09 22:24 - 2017-04-25 11:04 - 00000000 ____D C:\Program Files\AMD
2017-04-09 22:24 - 2017-04-20 16:08 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-04-09 22:23 - 2017-04-29 17:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-09 22:23 - 2017-04-27 18:56 - 00232264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-09 20:51 - 2017-04-10 15:28 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-07 19:38 - 2017-04-29 19:48 - 00000000 ____D C:\FRST
2017-04-07 17:37 - 2017-04-22 20:42 - 00161216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00096704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00073664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-07 17:35 - 2017-04-12 20:59 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-04-07 17:35 - 2017-04-09 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-07 17:35 - 2017-04-07 17:35 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-07 17:35 - 2017-04-07 17:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-07 17:27 - 2017-04-07 17:27 - 00000000 ____D C:\Program Files\McAfee
2017-04-07 17:26 - 2017-04-29 10:47 - 01768448 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2017-04-07 17:15 - 2017-04-09 20:51 - 00000036 _____ C:\WINDOWS\progress.ini
2017-04-07 16:39 - 2017-04-10 15:27 - 00000000 ___HD C:\$GetCurrent
2017-04-07 16:39 - 2017-04-10 15:27 - 00000000 ____D C:\Windows10Upgrade
2017-04-07 16:39 - 2017-04-09 19:20 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-04-07 16:39 - 2017-04-09 19:20 - 00000719 _____ C:\Users\mikelsoft\Desktop\Windows 10-Upgrade-Assistent.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-29 15:32 - 2013-03-23 13:05 - 00000000 ____D C:\Program Files\BubbleUPnP Server
2017-04-29 13:18 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-29 12:25 - 2011-12-30 19:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\deluge
2017-04-28 22:15 - 2016-11-21 14:53 - 00000000 ____D C:\Users\mikelsoft\AppData\LocalLow\Mozilla
2017-04-28 16:18 - 2015-01-23 17:23 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-28 16:18 - 2015-01-23 17:23 - 00002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-27 19:01 - 2017-03-19 10:57 - 01363676 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-27 19:01 - 2017-03-19 10:57 - 00330916 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-27 18:56 - 2014-03-26 13:28 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-27 18:56 - 2011-12-25 19:00 - 00000000 ____D C:\Temp
2017-04-27 18:50 - 2017-03-18 08:02 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-27 18:49 - 2011-12-25 21:01 - 00000000 ____D C:\Program Files\TeamViewer
2017-04-27 17:14 - 2013-09-14 19:56 - 00000000 ____D C:\AdwCleaner
2017-04-27 17:14 - 2012-12-11 15:20 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-27 17:09 - 2008-05-30 23:09 - 00731136 _____ C:\Users\mikelsoft\Desktop\avenger.exe
2017-04-27 14:56 - 2017-03-18 20:23 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-26 20:20 - 2014-12-23 17:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Kodi
2017-04-26 17:21 - 2011-12-25 18:47 - 01172701 ____N C:\WINDOWS\Minidump\042617-17609-01.dmp
2017-04-26 17:10 - 2013-04-10 16:08 - 00000625 _____ C:\Users\mikelsoft\advancedsettings.xml
2017-04-26 16:56 - 2014-12-23 17:03 - 00000000 ____D C:\Program Files\Kodi
2017-04-26 14:54 - 2014-02-15 21:27 - 00000600 _____ C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2017-04-26 03:55 - 2017-03-18 20:14 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-25 11:00 - 2012-01-26 13:31 - 00000000 ____D C:\AMD
2017-04-23 22:50 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-23 17:32 - 2015-10-20 18:48 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP
2017-04-23 14:31 - 2017-03-18 20:21 - 00000000 ____D C:\WINDOWS\INF
2017-04-23 14:22 - 2016-09-24 01:43 - 00016400 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-04-22 20:55 - 2011-12-25 18:47 - 01168077 ____N C:\WINDOWS\Minidump\042217-24156-01.dmp
2017-04-22 20:49 - 2011-12-25 18:47 - 01167565 ____N C:\WINDOWS\Minidump\042217-21046-01.dmp
2017-04-22 20:42 - 2011-12-25 18:47 - 01170765 ____N C:\WINDOWS\Minidump\042217-24000-01.dmp
2017-04-22 20:10 - 2014-12-23 17:14 - 00005398 _____ C:\Users\mikelsoft\sources.xml
2017-04-22 17:55 - 2016-05-29 16:16 - 00001462 _____ C:\Users\Public\Desktop\Wampserver32.lnk
2017-04-22 17:52 - 2016-05-29 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver32
2017-04-20 19:11 - 2013-06-04 20:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-20 17:28 - 2016-08-30 19:31 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\PlaysTV
2017-04-20 17:28 - 2015-08-02 22:14 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Raptr
2017-04-20 17:26 - 2011-12-25 20:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\AMD
2017-04-20 16:51 - 2009-10-14 21:00 - 00000000 ____D C:\my download
2017-04-20 16:09 - 2011-12-25 22:43 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-04-20 00:32 - 2015-02-19 22:59 - 00000058 _____ C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-04-20 00:31 - 2011-12-25 21:29 - 00000000 ____D C:\Program Files\ScreenshotCaptor
2017-04-19 21:10 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Common Files\Acronis
2017-04-19 21:09 - 2013-08-31 11:13 - 00828248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2017-04-19 21:09 - 2013-08-31 11:13 - 00139096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2017-04-19 21:09 - 2011-12-25 22:52 - 00271704 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2017-04-19 21:08 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Acronis
2017-04-19 19:27 - 2011-12-30 22:48 - 00000000 ____D C:\Users\mikelsoft\Documents\CyberLink
2017-04-19 01:13 - 2013-06-30 13:32 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\CyberLink
2017-04-19 01:12 - 2014-10-07 18:26 - 00000000 ____D C:\Program Files\NSIS Uninstall Information
2017-04-19 01:12 - 2013-06-30 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2017-04-19 01:07 - 2013-06-30 13:28 - 00000000 ____D C:\Program Files\CyberLink
2017-04-19 01:06 - 2014-10-07 18:19 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-04-19 01:06 - 2011-12-25 22:46 - 00000000 ____D C:\ProgramData\install_clap
2017-04-18 19:10 - 2011-12-25 20:59 - 00000000 ____D C:\ProgramData\Temp
2017-04-16 08:33 - 2016-08-11 07:09 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2017-04-16 08:33 - 2016-08-11 07:09 - 00000986 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2017-04-16 01:04 - 2016-11-20 04:42 - 00000000 _____ C:\ProgramData\CLDShowX.ini
2017-04-15 13:00 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-15 12:32 - 2011-12-25 18:47 - 00257199 ____N C:\WINDOWS\Minidump\041517-20968-01.dmp
2017-04-13 18:04 - 2013-07-21 14:27 - 00000000 ____D C:\Program Files\DVBViewer
2017-04-13 18:02 - 2017-03-16 23:28 - 00001934 _____ C:\Users\Public\Desktop\DVBViewer.lnk
2017-04-13 18:02 - 2011-12-30 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer
2017-04-13 15:58 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\rescache
2017-04-11 23:16 - 2013-07-13 13:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-11 20:52 - 2013-07-13 13:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-11 20:41 - 2013-07-13 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-11 20:41 - 2011-12-25 19:12 - 145733648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 19:59 - 2016-09-24 02:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\ConnectedDevicesPlatform
2017-04-11 19:08 - 2012-08-24 22:20 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\ElevatedDiagnostics
2017-04-11 17:35 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-11 15:38 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-10 15:47 - 2015-08-02 21:20 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Packages
2017-04-10 15:36 - 2015-08-02 21:27 - 00002441 _____ C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-10 15:36 - 2015-08-02 21:27 - 00000000 ___RD C:\Users\mikelsoft\OneDrive
2017-04-10 15:28 - 2017-03-18 20:23 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-10 15:28 - 2015-08-02 21:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-09 23:22 - 2017-03-18 20:23 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-09 23:19 - 2017-03-18 20:25 - 00000000 ____D C:\WINDOWS\Setup
2017-04-09 23:18 - 2017-03-19 10:58 - 00000000 ____D C:\WINDOWS\OCR
2017-04-09 23:15 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-09 23:15 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-04-09 23:15 - 2017-03-18 20:20 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpsnap.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntwin.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntagnt.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hostmib.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lmmib2.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntcmd.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpmib.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-04-09 23:15 - 2017-03-18 20:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplayx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-04-09 23:15 - 2017-03-18 20:18 - 00107882 _____ C:\WINDOWS\system32\mib_ii.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00048593 _____ C:\WINDOWS\system32\hostmib.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpwsockx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00034317 _____ C:\WINDOWS\system32\msiprip2.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00030448 _____ C:\WINDOWS\system32\mcastmib.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00026236 _____ C:\WINDOWS\system32\wins.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00026100 _____ C:\WINDOWS\system32\lmmib2.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpmodemx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00022462 _____ C:\WINDOWS\system32\rfc2571.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00021271 _____ C:\WINDOWS\system32\http.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplaysvr.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00015799 _____ C:\WINDOWS\system32\ipforwd.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00015032 _____ C:\WINDOWS\system32\authserv.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00014032 _____ C:\WINDOWS\system32\accserv.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00013767 _____ C:\WINDOWS\system32\msipbtp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-04-09 23:15 - 2017-03-18 20:18 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00006179 _____ C:\WINDOWS\system32\ftp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00004597 _____ C:\WINDOWS\system32\dhcp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00004411 _____ C:\WINDOWS\system32\smi.mib
2017-04-09 23:02 - 2017-03-18 20:23 - 00000000 ____D C:\Program Files\Windows NT
2017-04-09 23:01 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-09 23:01 - 2017-03-18 08:02 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-09 22:55 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\Registration
2017-04-09 22:54 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-09 22:49 - 2015-08-02 21:18 - 00021628 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-09 22:48 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\Media
2017-04-09 22:47 - 2017-03-18 20:23 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-09 22:36 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-09 22:35 - 2017-03-20 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2017-04-09 22:35 - 2017-03-20 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2017-04-09 22:35 - 2017-03-16 23:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDAPI_Plus
2017-04-09 22:35 - 2017-03-02 01:25 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2017-04-09 22:35 - 2017-02-17 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-04-09 22:35 - 2016-10-06 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-09 22:35 - 2016-09-24 01:43 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-04-09 22:35 - 2016-05-06 00:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-BE
2017-04-09 22:35 - 2016-04-26 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-09 22:35 - 2016-04-11 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BubbleUPnP Server
2017-04-09 22:35 - 2016-04-11 17:49 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sichbo Interactive
2017-04-09 22:35 - 2016-02-07 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-09 22:35 - 2015-10-20 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-04-09 22:35 - 2015-08-10 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-04-09 22:35 - 2015-08-06 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
2017-04-09 22:35 - 2015-08-06 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2017-04-09 22:35 - 2015-08-02 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-04-09 22:35 - 2015-05-20 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YoutubeDLG
2017-04-09 22:35 - 2015-05-04 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2017-04-09 22:35 - 2015-05-03 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2017-04-09 22:35 - 2015-03-31 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-04-09 22:35 - 2015-03-30 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayClaw 5
2017-04-09 22:35 - 2015-03-30 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmbiBox
2017-04-09 22:35 - 2015-03-24 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2017-04-09 22:35 - 2015-03-19 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-04-09 22:35 - 2015-03-13 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-09 22:35 - 2015-01-23 17:27 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-04-09 22:35 - 2015-01-05 15:28 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-04-09 22:35 - 2014-12-15 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2017-04-09 22:35 - 2014-10-30 21:52 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2017-04-09 22:35 - 2014-10-07 18:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2017-04-09 22:35 - 2014-05-09 18:15 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2017-04-09 22:35 - 2014-02-14 01:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2017-04-09 22:35 - 2014-01-08 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prismatik
2017-04-09 22:35 - 2013-11-29 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webcam 7
2017-04-09 22:35 - 2012-07-31 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2017-04-09 22:35 - 2012-02-12 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-09 22:35 - 2012-01-05 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2017-04-09 22:35 - 2011-12-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2017-04-09 22:35 - 2011-12-25 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Netzwerk
2017-04-09 22:35 - 2011-12-25 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Appz
2017-04-09 22:34 - 2017-03-18 20:23 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-09 22:34 - 2017-03-18 20:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\IME
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\System
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\schemas
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-09 22:31 - 2016-10-06 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2017-04-09 22:31 - 2016-04-26 19:04 - 00000000 ____D C:\WINDOWS\system32\Adobe
2017-04-09 22:31 - 2015-08-06 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2017-04-09 22:31 - 2015-06-02 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-09 22:31 - 2015-05-04 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-04-09 22:31 - 2014-12-17 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2017-04-09 22:31 - 2014-02-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-04-09 22:31 - 2013-09-15 15:52 - 00000000 ____D C:\WINDOWS\system32\oodag
2017-04-09 22:31 - 2013-07-01 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2017-04-09 22:31 - 2011-12-25 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Brennen
2017-04-09 22:31 - 2011-12-25 21:10 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-04-09 22:31 - 2011-12-25 21:09 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-04-09 22:27 - 2017-03-15 23:50 - 00000000 ____D C:\Users\fhem\AppData\Local\Packages
2017-04-09 22:24 - 2017-03-18 08:02 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-08 20:19 - 2011-12-25 19:01 - 00430248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-07 20:11 - 2016-07-20 17:08 - 00000000 ____D C:\Program Files\Yahoo!
2017-04-07 19:54 - 2013-05-17 17:11 - 00000000 ____D C:\Program Files\AIMP3
2017-04-07 17:48 - 2012-12-11 17:56 - 00000000 ____D C:\Program Files\stinger
2017-04-07 17:35 - 2014-03-26 13:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-03 18:56 - 2017-03-18 20:25 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 20:25 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-08 21:20 - 2014-01-08 21:20 - 17067056 _____ (Sytexis Software                                            ) C:\Program Files\playclaw5.3045.exe
2014-04-06 13:06 - 2015-01-29 22:03 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\FoxitReaderUpdateInfo.txt
2016-07-05 18:50 - 2016-07-05 18:50 - 3172883 _____ () C:\Users\mikelsoft\AppData\Roaming\sb125.dat
2016-07-22 13:39 - 2016-07-22 13:39 - 2842131 _____ () C:\Users\mikelsoft\AppData\Roaming\sb250.dat
2016-08-31 18:43 - 2016-08-31 18:43 - 2433555 _____ () C:\Users\mikelsoft\AppData\Roaming\sb390.dat
2016-08-16 14:51 - 2016-08-16 14:51 - 2658836 _____ () C:\Users\mikelsoft\AppData\Roaming\sb546.dat
2016-07-22 13:39 - 2016-07-22 13:39 - 0352256 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup49278.exe
2016-08-16 14:51 - 2016-08-16 14:51 - 0337920 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup53579.exe
2016-08-31 18:43 - 2016-08-31 18:43 - 0220672 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup67515.exe
2014-10-24 00:27 - 2016-09-30 00:27 - 0000330 _____ () C:\Users\mikelsoft\AppData\Roaming\WB.CFG
2014-02-15 21:27 - 2017-04-26 14:54 - 0000600 _____ () C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2012-01-11 00:14 - 2015-05-04 15:39 - 0034304 _____ () C:\Users\mikelsoft\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-19 22:59 - 2017-04-20 00:32 - 0000058 _____ () C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2012-12-11 18:06 - 2012-12-11 18:06 - 0000001 _____ () C:\Users\mikelsoft\AppData\Local\llftool.4.25.agreement
2017-04-20 00:45 - 2017-04-20 00:45 - 0000218 _____ () C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-07-01 14:39 - 2016-04-25 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-11-20 04:42 - 2017-04-16 01:04 - 0000000 _____ () C:\ProgramData\CLDShowX.ini
2013-07-21 14:23 - 2015-08-04 00:02 - 23086499 _____ () C:\ProgramData\CMUV.7z
2017-04-20 16:06 - 2017-04-20 16:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-20 18:39 - 2017-02-20 18:39 - 0000000 _____ () C:\ProgramData\osd.log

Einige Dateien in TEMP:
====================
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\mikelsoft\AppData\Local\Temp\gkey.exe
2015-03-02 14:25 - 2015-03-02 14:25 - 0027648 _____ () C:\Users\mikelsoft\AppData\Local\Temp\pkeyui.exe
2017-04-20 17:26 - 2017-04-20 17:27 - 59432328 _____ () C:\Users\mikelsoft\AppData\Local\Temp\raptrpatch.exe
2017-04-20 17:26 - 2017-04-20 17:26 - 0221632 _____ () C:\Users\mikelsoft\AppData\Local\Temp\raptr_stub.exe
2015-03-01 19:09 - 2017-04-20 13:49 - 0048848 _____ () C:\Users\mikelsoft\AppData\Local\Temp\wabk.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG

LastRegBack: 2017-04-21 02:10

==================== Ende vom FRST.txt ============================
         

29.04.2017, 20:27   #10
inesa394
 



Computer 2 Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-04-2017
durchgeführt von mikelsoft (29-04-2017 19:49:17)
Gestartet von C:\Users\mikelsoft\Desktop
Microsoft Windows 10 Home Version 1703 (X86) (2017-04-10 13:27:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Acronis Agent User (S-1-5-21-2866739208-1381630699-1568876280-1005 - Limited - Enabled) => C:\Users\Acronis Agent User
Administrator (S-1-5-21-2866739208-1381630699-1568876280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2866739208-1381630699-1568876280-503 - Limited - Disabled)
fhem (S-1-5-21-2866739208-1381630699-1568876280-1038 - Limited - Enabled) => C:\Users\fhem
Gast (S-1-5-21-2866739208-1381630699-1568876280-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2866739208-1381630699-1568876280-1045 - Limited - Enabled)
inesa (S-1-5-21-2866739208-1381630699-1568876280-1040 - Limited - Disabled)
mikelsoft (S-1-5-21-2866739208-1381630699-1568876280-1001 - Administrator - Enabled) => C:\Users\mikelsoft

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKLM\...\uTorrent) (Version: 3.1.2 - )
7-Zip 15.09 beta (HKLM\...\7-Zip) (Version: 15.09 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acronis Disk Director 11 Advanced Bootable Media Builder (HKLM\...\{8EF18153-2F5C-4511-9C05-2BF39F5A241A}) (Version: 11.0.12077 - Acronis)
Acronis Disk Director 11 Advanced* Agent (HKLM\...\{53B91797-7CC8-41AA-999E-C33DAEC63A1A}) (Version: 11.0.12077 - Acronis)
Acronis Disk Director 11 Advanced*Management*Console (HKLM\...\{AFDDB79D-3FB6-4E82-832C-728F73FAC327}) (Version: 11.0.12077 - Acronis)
Acronis True Image (HKLM\...\{5AFD274C-A033-46BE-829A-464595F009FD}Visible) (Version: 21.0.6206 - Acronis)
Acronis True Image (Version: 21.0.6206 - Acronis) Hidden
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
AIMP (HKLM\...\AIMP) (Version: v4.13.1893, 06.04.2017 - AIMP DevTeam)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
Amazon Music (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AmbiBox (HKLM\...\{EBC9D10B-7560-4CA0-9492-8928CED133EA}_is1) (Version: 2.1.7 - AmbiBox)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.2.0.0 - SlySoft)
Arduino (HKLM\...\Arduino) (Version: 1.0.5 - Arduino LLC)
AutoHotkey 1.0.48.05 (HKLM\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{D6BCB0B1-9AC8-407B-B679-F925A01F2B2C}) (Version: 2.0.0.36 - Apple Inc.)
BubbleUPnP Server (HKLM\...\BubbleUPnP Server) (Version:  - )
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
chip 1-click download service (HKLM\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Civilization VI Digital Deluxe Edition MULTi2 1.0 (HKLM\...\Civilization VI Digital Deluxe Edition MULTi2 1.0) (Version:  - )
CMD Prompt Here as Administrator PowerToy for Windows Vista v1.0.2 (Uninstall only) (HKLM\...\CmdHereAsAdmin) (Version: 1.0.2 - )
CMD Prompt Here PowerToy v1.0.3 (Uninstall only) (HKLM\...\CmdHere) (Version: 1.0.3 - )
CyberLink PowerDVD 14 (HKLM\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1510.60 - CyberLink Corp.)
CyberLink PowerDVD 17 (HKLM\...\{D15BFD7F-6BBA-49A7-A6B1-14C00DCA6842}) (Version: 17.0.1201.60 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Deluge 1.3.6 (HKLM\...\Deluge) (Version:  - )
Digital Devices DVB Driver 2.6.5.142 (HKLM\...\{EB417B58-7814-475A-99A1-F17435380004}) (Version: 2.6.5.142 - Digital Devices GmbH)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version:  - )
Dungeon Keeper 2 (HKLM\...\Dungeon Keeper 2_is1) (Version:  - GOG.com)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 6.0.0 - CM&V)
DVBViewer Recording Service (HKLM\...\DVBViewer Recording Service_is1) (Version: 1.33.02.01 - CM&V)
Emby Server (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Emby Server) (Version: 3.2 - Emby Team)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FileHippo App Manager (HKLM\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.16.0 (HKLM\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
FileZilla Server (HKLM\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.3.321 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.29 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GTK2-Runtime (HKLM\...\GTK2-Runtime) (Version: 2.16.6-2010-05-12-ash - Alexander Shaduri)
HDD Regenerator (HKLM\...\{97A39919-9FEA-48B7-AB2B-4F99212D1E98}) (Version: 20.11.0011 - Abstradrome)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4508 - Intel Corporation)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Kodi) (Version:  - XBMC-Foundation)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
Logitech Webcam-Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MDAPI_Plus (HKLM\...\MDAPI_Plus) (Version: 0.9.0.0 - Alexander Plyas)
Media Control  6.0.8 (HKLM\...\Media Control_is1) (Version:  - Damien Bain-Thouverez)
MediaInfo 0.7.92 (HKLM\...\MediaInfo) (Version: 0.7.92 - MediaArea.net)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{9CB185CC-EDD4-45C5-A4E1-29B766E7B189}) (Version: 2.3.2211 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
MKVcleaver (HKLM\...\{00A7BE0D-0E8C-4FC5-8889-98930366DC2C}) (Version: 6.0.2 - Ilia Bakhmoutski (sheck))
MKVToolNix 9.8.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.8.0 - Moritz Bunkus)
Mozilla Firefox 53.0 (x86 de) (HKLM\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
MPC-BE 1.5.1.2345 (HKLM\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.5.1.2345 - MPC-BE Team)
MPC-HC 1.7.10.28 (0115ec4) Nightly (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10.28 - MPC-HC Team)
MyHarmony (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MySQL Tools for 5.0 (HKLM\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
NAVIGON Fresh 3.5.1 (HKLM\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9 - Notepad++ Team)
OpenVPN 2.3.8-I601  (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayClaw 5 (HKLM\...\PlayClaw 5_is1) (Version: 5 - )
PlayClaw 5 fast codec (HKLM\...\PlayClaw 5 fast codec_is1) (Version: 5 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlaysTV (HKLM\...\PlaysTV) (Version: 1.19.0-r120634-release - Plays.tv, LLC)
Potplayer (HKLM\...\PotPlayer) (Version:  - Kakao Corp.)
Prismatik (remove only) (HKLM\...\{2175EE1B-0160-4862-9096-C522B1B99042}_is1) (Version: 5.9.6 - Pixelkit LLC)
PuTTY release 0.65 (HKLM\...\PuTTY_is1) (Version: 0.65 - Simon Tatham)
Python 2.7.13 (HKLM\...\{4A656C6C-D24A-473F-9747-3A8D00907A03}) (Version: 2.7.13150 - Python Software Foundation)
Raptr (HKLM\...\Raptr) (Version: 5.2.8-r120085-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Screenshot Captor 4.20.1 (HKLM\...\ScreenshotCaptor_is1) (Version:  - )
Shark007 ADVANCED Codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 7.3.1 - Shark007)
SichboPVR (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\7c6b090ee13ed70a) (Version: 3.0.0.159 - Sichbo Interactive)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TeraCopy 3.0 alfa 3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TP-LINK PLC Utility (HKLM\...\{B0E80E49-FBC8-4A5B-B04C-222CBD95B2F6}) (Version: 2.1.2309 - TP-LINK)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.0 (HKLM\...\RealVNC_is1) (Version: 5.0.0 - RealVNC Ltd)
VNC Viewer 5.0.0 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.0 - RealVNC Ltd)
Wampserver32 3.0.6 (HKLM\...\{wampserver32}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
webcam 7 (HKLM\...\webcam 7) (Version: 1.2.0.0 - Moonware Studios)
Windows 10-Upgrade-Assistent (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.7.7 (HKLM\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XBMCCustomregis 2.80.01 (HKLM\...\XBMCCustomregis) (Version: 2.80.01 - Elitegamer360)
YoutubeDLG Version 0.3.7 (HKLM\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.3.7 - Sotiris Papadopoulos)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001_Classes\CLSID\{c200b111-2f40-4eb0-8187-c5553fc3df6f}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14006FF0-4225-4071-B7AE-C1084C64ACB6} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {1DA5A2AF-BB8E-436B-B95F-6CA45CFE41EE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {2CA96575-A54E-4D27-B3C7-F6037B2C009E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {31E5C949-1E29-4040-87CE-D09BFCEFEA79} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {33B784D7-32F4-4CDA-8CDC-A3A49CCCA078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3FC63559-0C10-4956-A445-EF493AA2A976} - \Microsoft\Windows\Setup\gwx\runappraiser -> Keine Datei <==== ACHTUNG
Task: {412035D4-F0B8-4E1C-A54B-53C09BFEA250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {650E4F84-26C4-4D60-85C3-8C9A3B7BCA77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {6DEA71CC-1560-47A7-9E9F-E69B77B88F30} - System32\Tasks\CrystalDiskInfo => C:\systemtest\CrystalDiskInfo6_5_2\DiskInfo.exe [2015-06-14] (Crystal Dew World)
Task: {7CB57919-CBCE-474A-A296-2BF91DC2D4E2} - System32\Tasks\S-1-5-21-2866739208-1381630699-1568876280-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {8B85AFF4-293F-4812-B824-95F08AB243B6} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe 
Task: {A869F295-3A39-4546-A7DB-84B6DE672776} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C64D0B95-293A-429E-BEEE-1629179AADFD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {D46D9F9C-6EB3-4041-86F6-65F91AAF99EA} - System32\Tasks\{7BBE25DE-2E1E-4A56-8485-6F1A4F73D77E} => C:\Program Files\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe 
Task: {DB544697-B336-4D84-9F7B-0116A17317D1} - System32\Tasks\{156E78B4-2289-4815-B0F4-222EBBA0D664} => pcalua.exe -a C:\Users\mikelsoft\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=smt
Task: {DD654313-CDE6-4B42-A576-53E96248F099} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {E1D0E22A-29BE-47C7-A6FA-612A300EBD3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EBC84DDC-BDB9-4047-9EFD-B6C11B2197B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-11] (Microsoft Corporation)
Task: {EFECB985-9FD2-4157-B52B-42BE3A748F84} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Emby\Emby Server Dashboard.lnk -> hxxp://localhost:8096/web/dashboard.htm

ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Codebender App.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko
ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\efa07ab808c27a35\Google Chrome.lnk -> G:\MyDownloads\chrome32\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-06-22 10:47 - 2011-06-22 10:47 - 00024064 _____ () C:\WINDOWS\System32\ssp6ml3.dll
2017-03-05 11:18 - 2017-04-06 16:32 - 00019184 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2014-07-24 10:49 - 2014-07-24 10:49 - 00420352 _____ () C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
2016-10-11 12:34 - 2016-10-11 12:34 - 02386352 _____ () C:\Program Files\Common Files\Acronis\ActiveProtection\xerces_c.dll
2016-08-29 21:16 - 2016-08-29 21:16 - 00685488 _____ () C:\Program Files\Common Files\Acronis\Home\sqlite3.dll
2016-10-12 19:14 - 2016-10-12 19:14 - 00277538 _____ () C:\Program Files\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2016-11-23 14:41 - 2016-11-23 14:41 - 00160168 _____ () C:\Program Files\Common Files\Acronis\Home\libevent.dll
2016-11-01 22:35 - 2016-11-01 22:35 - 00263592 _____ () C:\Program Files\Common Files\Acronis\Home\onig.dll
2017-04-08 14:59 - 2017-04-08 14:59 - 01060328 _____ () C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
2017-04-19 21:10 - 2017-04-19 21:10 - 06086232 _____ () C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
2017-04-07 17:35 - 2017-04-12 20:59 - 01736992 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-08 15:47 - 2017-04-08 15:47 - 03638232 _____ () C:\Program Files\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2017-04-08 15:46 - 2017-04-08 15:46 - 01315464 _____ () C:\Program Files\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-04-08 15:45 - 2017-04-08 15:45 - 20914296 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers.dll
2017-04-08 14:58 - 2017-04-08 14:58 - 00397232 _____ () C:\Program Files\Common Files\Acronis\Home\resource.dll
2016-08-15 11:28 - 2016-08-15 11:28 - 00129968 _____ () C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll
2017-03-07 11:48 - 2017-03-07 11:48 - 00248240 _____ () C:\Program Files\Common Files\Acronis\Home\sync_agent_api.dll
2014-05-03 00:58 - 2014-05-03 00:58 - 00011776 _____ () C:\Program Files\No-IP\ducservice.exe
2014-05-03 00:55 - 2014-05-03 00:55 - 00071680 _____ () C:\Program Files\No-IP\ducapi.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00033280 _____ () C:\Program Files\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00103424 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32api.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00111616 _____ () C:\Program Files\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00041984 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32process.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00405504 _____ () C:\Program Files\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00173568 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01934336 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00077824 _____ () C:\Program Files\Raptr Inc\PlaysTV\sip.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01780736 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00505856 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 03812864 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-10-20 01:28 - 2016-10-20 01:28 - 01243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-07 11:57 - 2017-03-07 11:57 - 07014728 _____ () C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-29 23:57 - 2016-08-29 23:57 - 00444336 _____ () C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-08-29 21:16 - 2016-08-29 21:16 - 00115632 _____ () C:\Program Files\Common Files\Acronis\Home\expat.dll
2017-03-18 20:19 - 2017-03-18 20:19 - 00116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-02 11:41 - 2017-03-02 11:41 - 05245552 _____ () C:\Program Files\Acronis\TrueImageHome\tishell.dll
2016-02-29 12:25 - 2016-02-29 12:25 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-09-09 13:35 - 2015-04-21 21:55 - 02308608 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2016-02-21 23:38 - 2016-02-21 23:38 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-04-19 01:14 - 2016-11-16 03:10 - 00051712 _____ () C:\ProgramData\CyberLink\PowerDVD17\OpenWith\PDVD_Shell.dll
2012-09-04 17:17 - 2015-04-21 22:11 - 01063936 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2017-03-18 20:19 - 2017-03-19 10:58 - 01456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 00067584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 06:57 - 2017-04-26 06:58 - 00162304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 30891008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 01737216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\skypert.dll
2017-04-08 14:59 - 2017-04-08 14:59 - 00589104 _____ () C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2017-04-08 15:55 - 2017-04-08 15:55 - 05110240 _____ () C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-04-08 14:58 - 2017-04-08 14:58 - 07996848 _____ () C:\Program Files\Acronis\TrueImageHome\qt_resources.dll
2017-04-08 14:58 - 2017-04-08 14:58 - 00049584 _____ () C:\Program Files\Common Files\Acronis\Home\rpc_client.dll
2015-06-25 16:02 - 2015-06-25 16:02 - 00012288 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 00690176 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:02 - 2015-06-25 16:02 - 00012288 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 00057856 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:47 - 2015-06-25 15:47 - 00010240 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:46 - 2015-06-25 15:46 - 01601536 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-05-03 00:55 - 2014-05-03 00:55 - 00346624 _____ () C:\Program Files\No-IP\DUC40.exe
2009-09-25 20:57 - 2009-09-25 20:57 - 00245248 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2017-04-05 22:20 - 2017-04-05 22:20 - 06578176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x86__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-05 22:20 - 2017-04-05 22:20 - 01677312 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x86__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-04-05 22:20 - 2017-04-05 22:20 - 00615936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x86__8wekyb3d8bbwe\WinStore.Vui.dll
2017-03-16 23:27 - 2013-04-12 14:23 - 00612664 _____ () C:\Program Files\DVBViewer\sqlite3.dll
2013-02-25 19:50 - 2013-02-25 19:50 - 00033792 _____ () G:\Deluge\deluge.exe
2010-08-24 20:47 - 2010-08-24 20:47 - 00040448 _____ () G:\Deluge\_socket.pyd
2010-08-24 20:48 - 2010-08-24 20:48 - 00720896 _____ () G:\Deluge\_ssl.pyd
2011-02-26 19:33 - 2011-02-26 19:33 - 00096768 _____ () G:\Deluge\win32api.pyd
2011-02-27 18:12 - 2011-02-27 18:12 - 00110080 _____ () G:\Deluge\pywintypes26.dll
2011-04-09 10:58 - 2011-04-09 10:58 - 00058368 _____ () G:\Deluge\glib._glib.pyd
2011-04-09 10:58 - 2011-04-09 10:58 - 00113152 _____ () G:\Deluge\gobject._gobject.pyd
2012-12-15 02:20 - 2012-12-15 02:20 - 00019968 _____ () G:\Deluge\zope.interface._zope_interface_coptimizations.pyd
2012-12-15 02:20 - 2012-12-15 02:20 - 00006656 _____ () G:\Deluge\twisted.python._initgroups.pyd
2011-09-02 13:55 - 2011-09-02 13:55 - 00056320 _____ () G:\Deluge\OpenSSL.crypto.pyd
2011-09-02 13:55 - 2011-09-02 13:55 - 00010752 _____ () G:\Deluge\OpenSSL.rand.pyd
2011-09-02 13:55 - 2011-09-02 13:55 - 00043520 _____ () G:\Deluge\OpenSSL.SSL.pyd
2010-08-24 20:48 - 2010-08-24 20:48 - 00073728 _____ () G:\Deluge\_ctypes.pyd
2011-02-26 19:32 - 2011-02-26 19:32 - 00035840 _____ () G:\Deluge\win32process.pyd
2010-08-24 20:48 - 2010-08-24 20:48 - 00011776 _____ () G:\Deluge\select.pyd
2011-02-26 19:31 - 2011-02-26 19:31 - 00112128 _____ () G:\Deluge\win32file.pyd
2011-02-26 19:31 - 2011-02-26 19:31 - 00017408 _____ () G:\Deluge\win32event.pyd
2011-02-26 19:33 - 2011-02-26 19:33 - 00167424 _____ () G:\Deluge\win32gui.pyd
2011-04-09 11:00 - 2011-04-09 11:00 - 01882624 _____ () G:\Deluge\gtk._gtk.pyd
2012-02-09 01:43 - 2012-02-09 01:43 - 00100352 _____ () G:\Deluge\zlib1.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 00230529 _____ () G:\Deluge\libpng14-14.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 01294335 _____ () G:\Deluge\libcairo-2.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 00279059 _____ () G:\Deluge\libfontconfig-1.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 00538324 _____ () G:\Deluge\freetype6.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 00143096 _____ () G:\Deluge\libexpat-1.dll
2010-11-02 22:34 - 2010-11-02 22:34 - 00069632 _____ () G:\Deluge\cairo._cairo.pyd
2011-04-09 10:58 - 2011-04-09 10:58 - 00263168 _____ () G:\Deluge\gio._gio.pyd
2011-04-09 11:01 - 2011-04-09 11:01 - 00111616 _____ () G:\Deluge\pango.pyd
2011-04-09 11:01 - 2011-04-09 11:01 - 00208384 _____ () G:\Deluge\atk.pyd
2011-04-09 11:01 - 2011-04-09 11:01 - 00017920 _____ () G:\Deluge\pangocairo.pyd
2011-04-09 11:01 - 2011-04-09 11:01 - 00018944 _____ () G:\Deluge\gtk.glade.pyd
2012-02-09 01:43 - 2012-02-09 01:43 - 00168833 _____ () G:\Deluge\libglade-2.0-0.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 01225225 _____ () G:\Deluge\libxml2-2.dll
2010-08-24 20:48 - 2010-08-24 20:48 - 00286208 _____ () G:\Deluge\_hashlib.pyd
2011-02-26 19:32 - 2011-02-26 19:32 - 00023552 _____ () G:\Deluge\win32pipe.pyd
2013-02-25 19:50 - 2013-02-25 19:50 - 00156686 _____ () G:\Deluge\lib\gtk-2.0\2.10.0\engines\libmurrine.dll
2012-02-09 01:43 - 2012-02-09 01:43 - 00062248 _____ () G:\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
2012-02-22 03:43 - 2012-02-22 03:43 - 01949184 _____ () G:\Deluge\libtorrent.pyd
2013-04-06 13:26 - 2013-04-05 22:26 - 01679360 _____ () C:\WINDOWS\SYSTEM32\ac3filter.acm
2017-04-13 17:59 - 2008-02-15 21:17 - 00022816 _____ () C:\Program Files\DVBViewer\Plugins\EPGplus.dll
2017-04-13 17:58 - 2005-11-05 11:11 - 00042496 _____ () C:\Program Files\DVBViewer\Plugins\myMCE2005.dll
2017-04-13 17:59 - 2005-11-01 20:28 - 00042496 _____ () C:\Program Files\DVBViewer\Plugins\myMCEIr.dll
2017-03-20 20:17 - 2013-04-05 22:26 - 02106368 _____ () C:\Program Files\AC3Filter\ac3filter.ax
2017-03-20 20:17 - 2013-04-05 22:27 - 01021440 _____ () C:\Program Files\AC3Filter\ac3filter_intl.dll
2017-04-13 18:00 - 2013-04-18 22:50 - 04254720 _____ () C:\Program Files\DVBViewer\Plugins\EPGplus.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL [5122]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-02-07 21:48 - 2017-04-19 21:20 - 00566820 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1  localhost
127.0.0.1 hh-software.com 
127.0.0.1 www.hh-software.com 


Da befinden sich 12436 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "PlaysTV"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{C680C081-2410-43F8-829B-139F6FB7FD26}] => (Allow) C:\Program Files\DVBViewer\DVBVservice.exe
FirewallRules: [{A6CE6AF9-C281-4E87-9199-96B21CEE6E1B}] => (Allow) C:\Program Files\DVBViewer\DVBVservice.exe
FirewallRules: [{8026E338-4CF5-4638-9FB7-D9EFB0FBB897}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{210947E3-1270-4687-978A-80507BD9F3E1}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EF3B3C6B-D9F2-4181-AA81-7E54E5168A39}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{08AD3E95-DA01-4F3E-BE6E-69721CA8FB23}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [UDP Query User{ADB20143-2EE7-44FF-9696-64BF6530CBD5}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{CD0DF7ED-285D-4E8C-ABB9-320C8D8F692C}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{74BE6746-828C-42E2-BC2E-47B7B4B99868}G:\mydownloads\chrome32\chrome.exe] => (Block) G:\mydownloads\chrome32\chrome.exe
FirewallRules: [TCP Query User{1C9A4435-0A5E-4CBA-8CC8-FF93E41D67F0}G:\mydownloads\chrome32\chrome.exe] => (Block) G:\mydownloads\chrome32\chrome.exe
FirewallRules: [UDP Query User{4A262176-6AF6-41A2-A821-0590D7C28BAF}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{8FED74D7-0996-417B-A67E-8120179635CA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [{5E31B134-F0A1-4E30-A0DD-F9871BB552D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D0C8E4F5-4A08-4F99-A3C9-42AC902618C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{823B33EB-50AD-4560-B535-37E086579653}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{4A9AB71B-86CB-4815-8CA1-774B3213A1A7}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{5C60F8FD-ED2C-4924-A5A0-FD59739BD8BA}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{0CC9AF0E-7545-4D1B-967B-6CD2F3C6D0ED}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [UDP Query User{A73BB4A8-F0C7-42CE-96F1-CD960C910D1D}G:\download\hfs285.exe] => (Allow) G:\download\hfs285.exe
FirewallRules: [TCP Query User{30B9B641-87D8-4C08-B4E7-70E94F8690BA}G:\download\hfs285.exe] => (Allow) G:\download\hfs285.exe
FirewallRules: [{0D53E0DE-865F-4841-81C8-9A2858C8F9EA}] => (Allow) %SystemDrive%\Programme\DVBViewer\DVBVservice.exe
FirewallRules: [{ADF28217-4D1B-46E0-B6D7-9169C5E35662}] => (Allow) %SystemDrive%\Programme\DVBViewer\dvbviewer.exe
FirewallRules: [{435B440A-9DE4-4303-AD05-6DBCFACC91A8}] => (Allow) %SystemDrive%\Programme\DVBViewer\dvbviewer.exe
FirewallRules: [{4D1F9998-B17E-4385-8745-03817039F172}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2FEF067-6246-43E0-B9E9-71F8095A3B10}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{9D45A228-75D7-4A0D-AAFC-83E3BC72A703}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{7A423006-E67C-4C89-BB50-4A6282B2BED8}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{632C7F50-DE03-4B85-AC3F-5E6899E228FB}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{F2722436-2A3D-4B69-84DA-B96576A05EF2}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{5A2087CF-27B5-4F8D-B064-D93B41C6BB2D}] => (Allow) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
FirewallRules: [{694B6FDA-78FB-416E-ABBB-1DEB5BF64D4B}] => (Allow) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
FirewallRules: [TCP Query User{0BA91ADF-4E26-4465-8FB4-3F7DD76F5BF4}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [UDP Query User{D5F398AF-4EBA-4590-A1D8-EA4C7381589E}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [{78093FE6-AA9A-4364-AFBB-654D6984BAB0}] => (Allow) LPort=21
FirewallRules: [TCP Query User{B9AEF3FB-D2E7-48B8-9D9D-CAFF1590032B}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [UDP Query User{B64685AE-9D79-4AC7-A16D-79F483BD474E}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [{ED1F4936-BB16-42A2-901D-69FBF8B0CA06}] => (Allow) %SystemDrive%\Programme\Kodi\Kodi.exe
FirewallRules: [{FE19566B-3931-4C00-AF5D-89194436DFB4}] => (Allow) G:\torrentq\uTorrent.exe
FirewallRules: [{A4FF37CB-7660-4696-AD2A-5651A47A44AA}] => (Allow) G:\torrentq\uTorrent.exe
FirewallRules: [TCP Query User{50341A0B-6129-4238-A794-0F5947C9D58A}G:\deluge\deluged.exe] => (Allow) G:\deluge\deluged.exe
FirewallRules: [UDP Query User{A3DF94DE-42B8-4ABD-BA52-D2DC09AEB3F7}G:\deluge\deluged.exe] => (Allow) G:\deluge\deluged.exe
FirewallRules: [{31BFD31D-465F-4682-A337-9EDCE90622CB}] => (Allow) LPort=8089
FirewallRules: [{2DB55745-7047-4993-8034-31C3225EFB68}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{8EF39283-3B9F-4BB1-8A2C-F4F08F258FD5}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{38AABD1A-E9FD-4357-8B45-4CCCDABBBCAA}] => (Allow) LPort=34000
FirewallRules: [TCP Query User{21AB57A5-63D3-4485-A3CF-9148DE45C7F5}C:\program files\webcam 7\wlite.exe] => (Allow) C:\program files\webcam 7\wlite.exe
FirewallRules: [UDP Query User{D95B4384-DA54-4A81-9AFA-700795057F2C}C:\program files\webcam 7\wlite.exe] => (Allow) C:\program files\webcam 7\wlite.exe
FirewallRules: [{F2BAF6DD-3A62-4D87-AAED-B17D524E784C}] => (Block) %ProgramFiles%\HDD Regenerator\HDD Regenerator.exe
FirewallRules: [{EE7E3D0C-AB1C-415F-9808-48730973438E}] => (Block) %ProgramFiles%\HDD Regenerator\hddreg.exe
FirewallRules: [{FBA0286D-8149-4DAF-8A0E-BD8AA383F4C3}] => (Block) %ProgramFiles%\HDD Regenerator\Shell.exe
FirewallRules: [{49A9F8E4-D49B-4A6A-986F-DE3B65324F59}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DE247741-B76D-46BB-A016-F773E3DB587E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{79A5E3B0-25D0-4E3B-99BB-C970CCED3471}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5AAE740E-C3A7-4E0E-9029-B06FADCC80C7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{1B322716-0D63-49D4-9033-D3DF90628167}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{596C2785-8F07-497E-B920-34B9736D8CF7}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{EBC9DF68-9B3B-4BB9-B978-63A0F92F65A5}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{BBAAE3FD-88C6-45A8-92B5-F396AB9386D4}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{5949AC1A-77A4-4463-8C6D-A1A07CB598E4}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{B093CFAB-8298-49BF-A1DA-601A95826AF7}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{E37D9D83-6D5A-48A6-9D65-A840CBEE57DD}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\Activate.exe
FirewallRules: [{6EF7E097-3F43-4F31-B8D4-18C6B13CFCBB}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe
FirewallRules: [{4381B70E-11E4-4D16-922D-833B468C5C21}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{C763C561-250F-4762-99A7-D1D77B7D278D}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{1D064B7A-08B3-43D8-9B8F-9C83E757097F}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6730A0EE-3C06-400B-988A-BEA4AE1F2BF9}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\OLRSubmission\OLRSubmission.exe
FirewallRules: [TCP Query User{1E8F15C2-9CFB-44A4-AA2C-12D91C4385C6}C:\program files\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\program files\ps3 media server\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9C302410-962E-4F39-B800-D30444C2F82E}C:\program files\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\program files\ps3 media server\jre\bin\javaw.exe
FirewallRules: [TCP Query User{97C19907-1283-43D3-A093-A967E2C64A91}G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe] => (Allow) G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe
FirewallRules: [UDP Query User{385C02C6-0462-4F20-9D7D-745FCC54E094}G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe] => (Allow) G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe
FirewallRules: [TCP Query User{81AD0904-5734-4E11-8046-014AE582B297}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [UDP Query User{972ECDA5-1933-4831-91D3-A85E13CFD95B}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [{EA3D57DC-560E-47EC-91CC-FCE4A4E84261}] => (Allow) %SystemDrive%\Programme\DVBViewer\DVBVservice.exe
FirewallRules: [{1EFA9EBA-E40C-48A4-A41B-CBEE2739F748}] => (Allow) %ProgramFiles%\DVBViewer\dvbviewer.exe
FirewallRules: [TCP Query User{881BDB96-6810-4631-B605-7AAC7259E52D}G:\downloads\hfs285.exe] => (Allow) G:\downloads\hfs285.exe
FirewallRules: [TCP Query User{807DBE3E-D74B-438D-BC57-7A90BE909593}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{ED9C6457-EDB0-4702-8E6A-2A739CBB94B7}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{DD06B0D3-5610-40A6-AFD9-5D7D26A4B888}C:\program files\freesshd\freesshdservice.exe] => (Allow) C:\program files\freesshd\freesshdservice.exe
FirewallRules: [UDP Query User{A255CA19-88C9-449E-A874-5A0CB1995761}C:\program files\freesshd\freesshdservice.exe] => (Allow) C:\program files\freesshd\freesshdservice.exe
FirewallRules: [TCP Query User{94E4B885-537C-486A-8E10-C3B8F6C57CA2}C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5C23E2F7-E266-49E5-847B-8599FEFAA767}C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{8612FF47-5880-4177-9ED4-07A56EF44ADC}] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [TCP Query User{0AE48706-C87D-4EB0-A47E-32A1737A669A}G:\downloads\hfs285.exe] => (Allow) G:\downloads\hfs285.exe
FirewallRules: [{5E6CA01F-5E45-4804-940D-05AFB21EB48B}] => (Allow) C:\Program Files\webcam 7\wLite.exe
FirewallRules: [{49BB4D10-0B38-4943-B918-B8500BE07744}] => (Allow) C:\Program Files\webcam 7\wLite.exe
FirewallRules: [{3B1C783E-216B-4E4E-B543-C412E9ACE8AF}] => (Allow) C:\Program Files\webcam 7\wService.exe
FirewallRules: [{23B2F347-8747-46E5-8E08-133D19BE6937}] => (Allow) C:\Program Files\webcam 7\wService.exe
FirewallRules: [TCP Query User{311A14EB-0DFC-4D23-BDDB-C5D64D46CA36}C:\program files\dvbviewer\httpserver.exe] => (Allow) C:\program files\dvbviewer\httpserver.exe
FirewallRules: [UDP Query User{4BA8D9C1-C490-4F17-8D6C-1A47863C1E0A}C:\program files\dvbviewer\httpserver.exe] => (Allow) C:\program files\dvbviewer\httpserver.exe
FirewallRules: [TCP Query User{7B507B35-351B-4202-828F-C9F9FC707463}C:\program files\ambibox\ambibox.exe] => (Allow) C:\program files\ambibox\ambibox.exe
FirewallRules: [UDP Query User{23ED0DB2-9F07-48CA-8564-A69761DC19E8}C:\program files\ambibox\ambibox.exe] => (Allow) C:\program files\ambibox\ambibox.exe
FirewallRules: [TCP Query User{FEB968C3-E960-4EC3-92BF-80104F877085}C:\program files\prismatik\prismatik.exe] => (Allow) C:\program files\prismatik\prismatik.exe
FirewallRules: [UDP Query User{C7F04A6F-C89F-4D27-A224-AB0E756B139A}C:\program files\prismatik\prismatik.exe] => (Allow) C:\program files\prismatik\prismatik.exe
FirewallRules: [TCP Query User{745FCC82-A109-4B91-8574-B3211E87C6FF}G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe] => (Allow) G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe
FirewallRules: [UDP Query User{DC93C5DD-D829-4DCB-9F77-471289EB8800}G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe] => (Allow) G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe
FirewallRules: [TCP Query User{AC4CC51E-CC28-45D1-8B45-D7395C9F8BAF}C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe] => (Allow) C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe
FirewallRules: [UDP Query User{098F08E5-B994-426C-AA9F-19C23C0DBBBD}C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe] => (Allow) C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe
FirewallRules: [{FE07A888-900D-45BD-A1FB-90A0619F59F1}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{C1094119-D454-4DE8-A970-21EA9A7A6AFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{CFF3544B-4B5A-4A36-825C-8E16AD0701A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{10391ABB-FF24-4745-9C60-FFD273669436}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{741AF286-46CC-4AB3-86F3-2AB7B2FF879C}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{E6A4BE9B-4360-400A-8578-54AC300CAADD}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{597F33DB-59FD-4569-BFB9-D5277AB1A3E7}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{D39461C6-0556-44F3-98F8-11801A202632}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PDVDLP.exe
FirewallRules: [{5320B598-A21F-45B5-B876-0CF3DEC465AE}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\Common\CLMPSvc.exe
FirewallRules: [{9292EEEB-E599-4441-8D0B-3FC7E79146DF}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\Common\CLMPInst.exe
FirewallRules: [TCP Query User{9CC3B6FE-85B6-4D94-8991-9E24DCCC5F55}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{420FF2FC-BE44-4701-A64A-AB387D06A84D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{745BA75F-E5E3-45E9-BDA3-0CB817420F63}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{39E998D4-03C0-4360-8812-20FAB95D3438}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{22FFE0BD-203C-4DE2-B610-40C435FE5B84}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{DDC9BA0F-05E9-48FE-8453-4D46638B0090}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{6CAA02E6-E967-483C-8084-DECB74629C98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CAB89BC7-171D-41FF-B62E-29BBD8C78E43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{22E3CE26-441C-4007-AB73-85741B4AE922}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FBD8EA7E-C5DA-4F13-A185-F1245EA0F112}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{05CF20C9-F211-457F-9C48-C04166DF0264}G:\mydownloads\madvr08721\madhcctrl.exe] => (Allow) G:\mydownloads\madvr08721\madhcctrl.exe
FirewallRules: [UDP Query User{12834DC3-613D-4537-86DC-846537FA7851}G:\mydownloads\madvr08721\madhcctrl.exe] => (Allow) G:\mydownloads\madvr08721\madhcctrl.exe
FirewallRules: [TCP Query User{36797835-AFA2-4009-980A-640735355F6E}C:\program files\media player classic - home cinema\mpc-hc.exe] => (Allow) C:\program files\media player classic - home cinema\mpc-hc.exe
FirewallRules: [UDP Query User{3EA85D57-4A1A-4F03-B289-8FB3E5053064}C:\program files\media player classic - home cinema\mpc-hc.exe] => (Allow) C:\program files\media player classic - home cinema\mpc-hc.exe
FirewallRules: [{0684B793-CBEB-47AD-AE72-5E0050A674AE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D5DAFAE4-9EF8-45E0-B262-A1B8288B8F6B}G:\download\hfs285.exe] => (Block) G:\download\hfs285.exe
FirewallRules: [UDP Query User{A1642A60-07E7-4C79-982F-137AD10635AE}G:\download\hfs285.exe] => (Block) G:\download\hfs285.exe
FirewallRules: [TCP Query User{6F515D59-37ED-44CE-9C19-AB28C791D1CF}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{DD1EE314-E1DA-4B02-A1D8-5142BFDA01D8}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe
FirewallRules: [{A763D636-BA9A-4D23-B635-54A595BFC8A9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D088E5B9-A653-4084-97E2-8EE5026F7214}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E27B43C7-8413-40BF-8AA7-4FCA6397E86F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ECE6F447-7A2E-4752-8096-1409612C34C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71F1E758-CB4C-4C52-A8F4-249D104ECF01}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{EE3E5D18-398A-4192-9EE7-5C3999E0DCDD}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{792DCC58-2FD0-49D1-A496-4BF6F8A0E9AA}] => (Allow) C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
FirewallRules: [TCP Query User{96F9F5D0-814B-4311-BC57-B4F3C8277B35}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe
FirewallRules: [UDP Query User{8C4BA999-FA3A-4044-995D-79360630E443}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe
FirewallRules: [TCP Query User{30E5FCFF-926C-422C-A124-15D0289FA0E5}C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [UDP Query User{49FE1622-2DE4-4C7C-9C52-886681AD133E}C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [{6D185FEC-2621-4F63-BB80-55EE896D7FF2}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{334E9490-F13E-4DB4-B970-72CCE84B8162}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [TCP Query User{F47B6828-AB85-4CF1-892F-850971392B96}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe
FirewallRules: [UDP Query User{B81308F7-AE53-4B7D-B9F6-9173EAFCD72E}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe
FirewallRules: [{3BCD47E4-E34C-4F59-A177-68451821C478}] => (Allow) C:\Users\mikelsoft\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C07E2404-99BE-4301-95D8-F984A930BA4E}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{6B6184EB-DE9F-4824-8D72-E0B4A07540E6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E3E2D83A-04F6-428D-AE6C-96E288F39C9F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{B3FDDFD5-B96A-44F3-A1ED-80DAB256EC4F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1898D70-3406-401D-9E66-464053C72877}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F0B07B8D-469E-4B6A-9BDB-96B0C892DA95}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\PowerDVD.exe
FirewallRules: [{674F598A-42A4-4431-8D3A-D42E4F7E38CE}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{42E1483C-EA2E-4861-A451-A577EDC7A879}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{F1C10B25-9083-4B5F-B98E-9C6E60A9F0A4}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{38085AD5-816A-47ED-915C-7E45B05708CA}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\CastingStation.exe
FirewallRules: [{AEA786D2-DEAD-4408-83C8-66D6CC0D17F5}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\PowerDVD.exe
FirewallRules: [{CA13C7A1-1399-400F-A69E-1710B5B35BDF}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\Kernel\DMS\CLMSServerPDVD17.exe
FirewallRules: [{DE3591E3-D4A9-4F2B-A4B6-F215187E8F5D}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\PowerDVD17Agent.exe
FirewallRules: [{723DC905-0A69-4741-9086-8B1FF57A0C13}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\Movie\PowerDVDMovie.exe
FirewallRules: [{F11CB595-0B50-460E-AC88-91C1F7685EAF}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\CastingStation.exe
FirewallRules: [{4A3D4B8B-4F9A-40D8-AB42-0B279FFD5DFF}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5191A864-FEC9-44D1-8FC2-2C9B6E0AEB27}] => (Allow) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{71C761CA-8192-429A-91FA-7B1CA4B95E59}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{E4F200D5-4D6F-477D-A3C6-61CED61B8378}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{D9669033-67BB-4372-808A-1B9512F0EC1B}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{75D40257-A2FE-474A-97E0-3046EC2ED850}] => (Allow) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{77210919-71B1-4BD4-A738-B22BA9E40A0F}] => (Allow) C:\Program Files\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{C58F7464-25BD-480C-BA7C-EFCCF8FA21C0}] => (Allow) C:\Program Files\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{843ACD32-5C69-4E33-91D7-35CD52FF78AD}] => (Allow) C:\Program Files\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{6A680B61-EBF5-4BA6-ACA9-D3B21F333ADE}] => (Allow) C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{7D44FFD1-FA59-46D3-9428-4BB0C3EBFAAA}] => (Allow) C:\Program Files\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{F5F7C004-4967-4A35-923C-96EC99AD9A90}] => (Allow) C:\Program Files\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{0E107AC9-2F15-45CE-B10B-DBF1FBA7CB21}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E07BC32-71C3-4EF0-8149-72F30F9F5712}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7ED503AE-EA14-45A2-A782-ED0E7D70F2AF}] => (Block) C:\Program Files\Acronis\TrueImageHome\license_activator.exe
FirewallRules: [{BE4946EF-B639-4D59-9C11-436F8AA030F8}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{69AF0E78-67E5-4A07-9E3A-CE98E30AEB28}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{95E4FFCC-92D8-46E4-BC05-84288E882C89}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8CFAFD67-5EF1-4784-83A8-192226C1491A}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{32888E4F-AD96-41C7-B424-52E6D7415D2F}C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{82E68C9B-2B71-44EC-AA7B-CC075DC9B37C}C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [TCP Query User{C69ABCB9-0CD5-46FB-843A-DBC9C1294E13}C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe
FirewallRules: [UDP Query User{C76D7DC6-27DB-42C4-B84D-9AD86C3CF29C}C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe
FirewallRules: [{D7535F5B-9264-4CF9-94B0-40975580A60C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2017 03:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname mikelsoft-PC.local already in use; will try mikelsoft-PC-2.local instead

Error: (04/29/2017 03:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 mikelsoft-PC.local. Addr 192.168.178.41

Error: (04/29/2017 03:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.41:5353   16 mikelsoft-PC.local. AAAA FD9E:C0A1:753D:0000:0000:0000:0000:0C96

Error: (04/29/2017 11:18:04 AM) (Source: Acronis Scheduler) (EventID: 1) (User: NT-AUTORITÄT)
Description: Scheduler kann den Task nicht ausführen>"" mit GUID 'A2BB4F95-348C-4590-958E-DF518374D6D4'} wegen Fehler 267> (The directory name is invalid.)

Error: (04/29/2017 04:44:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\arduino\drivers\dpinst-amd64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 04:44:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\systeminfo.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 04:44:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\mms.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 04:44:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\TrueImage.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 04:44:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\RecoveryExpert.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 04:44:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\DiskDirectorAdvancedService.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (04/29/2017 07:48:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.241.744.0)

Error: (04/28/2017 07:39:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/28/2017 07:39:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/28/2017 04:12:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (04/27/2017 06:56:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 06:56:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 06:56:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.

Error: (04/27/2017 06:56:42 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "DMS" ist von folgendem Dienst abhängig: ProtectedStorage. Dieser Dienst ist möglicherweise nicht installiert.

Error: (04/27/2017 06:56:42 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/27/2017 06:56:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%50 = Die Anforderung wird nicht unterstützt.


CodeIntegrity:
===================================
  Date: 2017-04-29 19:46:19.995
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 19:46:19.993
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 12:33:17.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 12:33:17.935
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 12:13:25.355
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 12:13:25.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 11:26:40.450
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 11:26:40.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-28 22:32:23.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-28 22:32:23.032
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8156.15 MB
Verfügbarer physikalischer RAM: 5245.92 MB
Summe virtueller Speicher: 9244.15 MB
Verfügbarer virtueller Speicher: 5223.33 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:110.81 GB) (Free:41.65 GB) NTFS
Drive d: (Volume) (Fixed) (Total:7451.91 GB) (Free:3964.86 GB) NTFS
Drive g: (Volume) (Fixed) (Total:2794.39 GB) (Free:378.96 GB) NTFS
Drive i: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7EF8E762)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: BBE15D11)

Partition: GPT.

========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: B6DE571E)

Partition: GPT.

==================== Ende vom Addition.txt ============================
         
OK, done. What about my Linux machines?


Thanks, Ines

Alt 29.04.2017, 22:14   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Your Linux machines don't matter here. There are no cleanup tools for them, because there is no malware for them (not in the form that exists for Windows).


Quote:
JDownloader 0.9
KMSpico
I see.
KMSPico --> illegal MS Office crack
JDownloader --> was the epitome of simplified illegal downloading from one-click share hosters

If you play with fire, you really shouldn't be surprised by strange letters from your provider. Just keep your hands off this stuff if you don't know what you're doing.


Reading material:
Illegal software: cracks, keygens and the like

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In case of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. to help only with backing up data and reinstalling the operating system.
__________________
Please always post log files in CODE tags

Alt 30.04.2017, 11:19   #12
inesa394
 



OK, laptop removed

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2017
durchgeführt von mikelsoft (Administrator) auf MIKELSOFT-LAPTO (30-04-2017 12:03:48)
Gestartet von C:\Users\mikelsoft\Desktop
Geladene Profile: mikelsoft (Verfügbare Profile: mikelsoft)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Bluetooth Suite\AdminService.exe
() C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\BidCoS Service\rfd.exe
() C:\Program Files\Repetier-Server\bin\RepetierServer.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Amazon Services LLC) C:\Users\mikelsoft\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Emurasoft, Inc.) C:\Program Files\EmEditor\emedtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\No-IP\ducservice.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files\Lenovo\System Update\UNCServer.exe
() C:\Program Files\Lenovo\System Update\TvsuCommandLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1024256 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [28344536 2017-04-26] (Dropbox, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3519144 2015-06-19] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2017-03-28] (Microsoft Corporation)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Run: [Amazon Music] => C:\Users\mikelsoft\AppData\Local\Amazon Music\Amazon Music Helper.exe [3694056 2017-02-01] (Amazon Services LLC)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Run: [GoogleChromeAutoLaunch_EEFE44D0258C3D0E520D3E68631825C9] => C:\Program Files\Google\Chrome\Application\chrome.exe [941912 2017-03-29] (Google Inc.)
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\MountPoints2: {5e71a359-1bc5-11e7-947c-d05349decf76} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\MountPoints2: {99c470a0-cd2a-11e6-945b-d05349decf76} - "D:\HiSuiteDownLoader.exe" 
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
Startup: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk [2016-07-21]
ShortcutTarget: EmEditor.lnk -> C:\Program Files\EmEditor\emedtray.exe (Emurasoft, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5f9c7367-c98f-4327-af9c-709124af5686}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2548902348-863574374-2724880110-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-2548902348-863574374-2724880110-1000 -> {8FD69A31-5D65-4640-B4F2-581773455D2D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-28] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: rthaolbz.default
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default [2017-04-30]
FF Homepage: Mozilla\Firefox\Profiles\rthaolbz.default -> www.google.de
FF Session Restore: Mozilla\Firefox\Profiles\rthaolbz.default -> ist aktiviert.
FF Extension: (Google Translator for Firefox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\translator@zoli.bod.xpi [2017-02-18]
FF Extension: (Flagfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-04-21]
FF Extension: (PDF Download) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-28]
FF Extension: (Download Status Bar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-10-06]
FF Extension: (NoScript) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-30]
FF Extension: (Live HTTP headers) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-28]
FF Extension: (ImTranslator) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-01-06]
FF Extension: (WOT) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-09]
FF Extension: (DownThemAll!) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\rthaolbz.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-06]
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Gapminder Foundation\Gapminder World\Profiles\v8se7xom.default [2017-04-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2015-09-07] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-02-20] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.orbitdownloader.com/
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f056386a-ace8-4385-b788-b001646a9ec1&searchtype=hp&installDate=20/05/2013","hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1438291744&z=835a089035872680a155b5eg1zfcbb0odtdofe7oeq&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.istartsurf.com/?type=hppp&ts=1438291805&z=396efe5531988c07fea5102g8z3c4bfo6t8o8e4beb&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.google.com"
CHR Profile: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default [2017-04-30]
CHR Extension: (Google*Übersetzer) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-02-14]
CHR Extension: (Google Präsentationen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-22]
CHR Extension: (h264ify) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-05-16]
CHR Extension: (Google Docs) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-22]
CHR Extension: (Google Drive) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-16]
CHR Extension: (TV) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2016-02-14]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-16]
CHR Extension: (YouTube) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-23]
CHR Extension: (Adblock für Youtube™) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-04-20]
CHR Extension: (Google-Suche) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (XJZ Survey Remover) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh [2016-02-14]
CHR Extension: (Google Tabellen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-22]
CHR Extension: (TabSaver) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmjkkhoegfianolbdbceddpgnidbfpmo [2017-04-27]
CHR Extension: (Uhr) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2016-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (IP-Adresse) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh [2017-04-27]
CHR Extension: (In Google Drive speichern) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-02-14]
CHR Extension: (Advanced REST client) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2017-02-25]
CHR Extension: (Google Play Music) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-09]
CHR Extension: (Chrome to Mobile) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2016-02-14]
CHR Extension: (Dropbox) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-14]
CHR Extension: (eBay für Chrome) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-11-27]
CHR Extension: (Yahoo Partner) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2016-11-07]
CHR Extension: (Erweiterte Startseite) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2016-02-14]
CHR Extension: (Skype) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-12]
CHR Extension: (Google Maps) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-14]
CHR Extension: (Codebender App) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\magknjdfniglanojbpadmpjlglepnlko [2016-07-21]
CHR Extension: (Google Mail-Checker) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-02-14]
CHR Extension: (Downloads) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-04-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Picasa) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-14]
CHR Extension: (Google Mail) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-16]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2548902348-863574374-2724880110-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [279120 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 BidCoS-Service; C:\Program Files\BidCoS Service\rfd.exe [598016 2015-12-07] () [Datei ist nicht signiert]
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [283024 2015-06-08] (Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42288 2017-04-26] (Dropbox, Inc.)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [24064 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [84480 2016-07-15] (Microsoft Corporation)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2016-11-25] () [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [297872 2015-06-08] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [33696 2015-08-13] ()
R2 NoIPDUCService4; C:\Program Files\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R2 RepetierServer; C:\Program Files\Repetier-Server\bin\RepetierServer.exe [5940584 2016-11-27] ()
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [276992 2016-07-15] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [213504 2016-07-15] (Microsoft Corporation)
S4 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28544 2016-07-07] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208552 2015-06-19] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [55808 2015-02-17] (Code Sector) [Datei ist nicht signiert]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2017-03-28] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [709120 2016-07-15] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2017-03-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ACPIVPC; C:\WINDOWS\System32\drivers\AcpiVpc.sys [36176 2015-08-22] (Lenovo Corporation)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [23424 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [24064 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [28672 2016-03-02] (LG Electronics Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Qualcomm Atheros)
S3 CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [41472 2015-02-06] (www.winchiphead.com)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [96464 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [74864 2016-10-04] ()
S3 HWiNFO32; C:\Users\mikelsoft\AppData\Local\Temp\HWiNFO32.SYS [23840 2017-04-26] (REALiX(tm)) <==== ACHTUNG
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel Corporation)
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [12800 2016-07-16] (Microsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [42592 2017-01-28] (hxxp://libusb-win32.sourceforge.net)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [161056 2015-06-12] (Intel Corporation)
R1 MpKsl9b5a1eb6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5EE6617-9CD9-4B16-A418-2522498F5C2F}\MpKsl9b5a1eb6.sys [39168 2017-04-30] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
S3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1824256 2016-07-16] (MediaTek Inc.)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77136 2016-12-15] (Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77136 2016-12-15] (Insecure.Com LLC.)
R1 npf; C:\WINDOWS\system32\DRIVERS\npf.sys [77136 2016-12-15] (Insecure.Com LLC.)
S4 npf_wifi; C:\WINDOWS\system32\DRIVERS\npf.sys [77136 2016-12-15] (Insecure.Com LLC.)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [39456 2015-09-25] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [214560 2015-09-25] (QUALCOMM Incorporated)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek                                            )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [301824 2015-08-23] (Realsil Semiconductor Corporation)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [16128 2014-11-25] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\system32\DRIVERS\silabser.sys [462432 2015-11-25] (Silicon Laboratories Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-06-19] (Synaptics Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R3 teamviewervpn; C:\WINDOWS\System32\drivers\teamviewervpn.sys [25088 2015-06-18] (TeamViewer GmbH)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [33016 2015-10-07] (USBPcap)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [102968 2016-07-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [165880 2016-07-18] (Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [516264 2016-10-20] (IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2016-11-25] (Huawei Technologies Co., Ltd.)
U3 idsvc; kein ImagePath
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 12:03 - 2017-04-30 12:04 - 00030805 _____ C:\Users\mikelsoft\Desktop\FRST.txt
2017-04-29 10:47 - 2017-04-29 10:47 - 00000000 ____D C:\Users\mikelsoft\Desktop\FRST-OlderVersion
2017-04-28 06:27 - 2017-04-30 11:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-28 06:26 - 2017-04-28 13:25 - 00000000 ____D C:\Users\mikelsoft\Desktop\mbar
2017-04-27 17:27 - 2017-04-27 17:27 - 00000816 _____ C:\Users\mikelsoft\Desktop\JRTold.txt
2017-04-27 16:58 - 2017-04-27 16:57 - 04102600 _____ C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
2017-04-27 16:48 - 2017-04-27 16:48 - 00001260 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-27 15:51 - 2017-04-27 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\mikelsoft\Desktop\OTL.exe
2017-04-27 14:18 - 2017-04-27 14:24 - 00130924 _____ C:\WINDOWS\Minidump\042717-49015-01.dmp
2017-04-27 06:11 - 2017-04-27 06:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-26 20:02 - 2017-04-26 20:02 - 00042288 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-26 13:02 - 2017-04-26 13:03 - 00000000 ___HD C:\$WINDOWS.~BT
2017-04-26 11:38 - 2017-04-26 12:59 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-04-26 11:38 - 2017-04-26 11:38 - 00001191 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.7.2.lnk
2017-04-26 11:38 - 2017-04-26 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-04-25 11:38 - 2017-04-25 11:44 - 00281612 _____ C:\WINDOWS\Minidump\042517-42234-01.dmp
2017-04-22 21:49 - 2017-04-22 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-04-22 21:36 - 2017-04-23 22:44 - 00000000 ____D C:\xampp
2017-04-18 19:00 - 2017-04-18 19:02 - 00281780 _____ C:\WINDOWS\Minidump\041817-34125-01.dmp
2017-04-18 14:55 - 2017-04-18 14:55 - 00000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2017-04-18 14:55 - 2017-04-18 14:55 - 00000000 ___RD C:\WINDOWS\WebManagement
2017-04-18 14:55 - 2016-07-15 18:45 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2017-04-18 14:55 - 2016-07-15 18:45 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2017-04-18 14:55 - 2016-07-15 18:44 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2017-04-18 14:55 - 2016-07-15 18:43 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2017-04-18 14:55 - 2016-07-15 18:42 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2017-04-18 14:55 - 2016-07-15 18:42 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2017-04-18 14:55 - 2016-07-15 18:42 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2017-04-18 14:55 - 2016-07-15 18:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2017-04-18 14:55 - 2016-07-15 18:41 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2017-04-18 14:55 - 2016-07-15 18:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2017-04-18 14:55 - 2016-07-15 18:39 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2017-04-18 14:55 - 2016-07-15 18:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2017-04-18 14:44 - 2017-04-18 14:49 - 00281756 _____ C:\WINDOWS\Minidump\041817-32656-01.dmp
2017-04-16 14:48 - 2017-04-16 14:51 - 00281604 _____ C:\WINDOWS\Minidump\041617-39015-01.dmp
2017-04-12 22:07 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 22:07 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 22:07 - 2017-03-28 07:58 - 00240992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 22:07 - 2017-03-28 07:52 - 01966944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 22:07 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 22:07 - 2017-03-28 07:41 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 22:07 - 2017-03-28 07:40 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 22:07 - 2017-03-28 07:40 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 22:07 - 2017-03-28 07:39 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 22:07 - 2017-03-28 07:39 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 22:07 - 2017-03-28 07:38 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 22:07 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 22:07 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-04-12 22:07 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 22:07 - 2017-03-28 07:34 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 22:07 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-04-12 22:07 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 22:07 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 22:07 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 22:07 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 22:07 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 22:07 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 22:07 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-04-12 22:07 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-04-12 22:07 - 2017-03-28 07:24 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 22:07 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 22:07 - 2017-03-28 07:15 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 22:07 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 22:07 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 22:07 - 2017-03-28 07:13 - 01486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 22:07 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 22:07 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 22:07 - 2017-03-28 07:11 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 22:07 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-04-12 22:07 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 22:07 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-04-12 22:06 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 22:06 - 2017-03-28 08:59 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 22:06 - 2017-03-28 08:21 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-04-12 22:06 - 2017-03-28 08:20 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 22:06 - 2017-03-28 08:19 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 22:06 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 22:06 - 2017-03-28 08:13 - 00950624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 22:06 - 2017-03-28 08:05 - 01896800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 22:06 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 22:06 - 2017-03-28 08:05 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 22:06 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 22:06 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 22:06 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 22:06 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 22:06 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 22:06 - 2017-03-28 07:59 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 22:06 - 2017-03-28 07:58 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 22:06 - 2017-03-28 07:53 - 01412128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 22:06 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 22:06 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 22:06 - 2017-03-28 07:45 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 22:06 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 22:06 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-04-12 22:06 - 2017-03-28 07:39 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 22:06 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 22:06 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\apds.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 22:06 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 22:06 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 22:06 - 2017-03-28 07:35 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 22:06 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 22:06 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 22:06 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 22:06 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 22:06 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 22:06 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 22:06 - 2017-03-28 07:31 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 22:06 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 22:06 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 22:06 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 22:06 - 2017-03-28 07:28 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 22:06 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 22:06 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 22:06 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 22:06 - 2017-03-28 07:24 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 22:06 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 22:06 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 22:06 - 2017-03-28 07:22 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 22:06 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 22:06 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 22:06 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-04-12 22:06 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 22:06 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-04-12 22:06 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 22:06 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 22:06 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 22:06 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 22:06 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 22:06 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 22:06 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 03596288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 22:06 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 22:06 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 22:06 - 2017-03-28 07:09 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 22:06 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 22:06 - 2017-03-18 19:28 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 22:06 - 2017-03-18 19:02 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 22:06 - 2017-03-18 18:59 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 22:06 - 2017-03-18 18:45 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 22:06 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 22:05 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-04-12 22:05 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 22:05 - 2017-03-28 08:14 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 22:05 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 22:05 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 22:05 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 22:05 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 22:05 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-04-12 22:05 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 22:05 - 2017-03-28 07:39 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-04-12 22:05 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 22:05 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 22:05 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 22:05 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 22:05 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-04-12 22:05 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-04-12 22:05 - 2017-03-28 07:35 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 22:05 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 22:05 - 2017-03-28 07:34 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 22:05 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 22:05 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 22:05 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 22:05 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 22:05 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 22:05 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-04-12 22:05 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 22:05 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 22:05 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 22:05 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 22:05 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 22:05 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 22:05 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-04-12 22:05 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-04-12 22:05 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 22:05 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 22:05 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 22:05 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 22:05 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 22:05 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 21:09 - 2017-04-12 21:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Logitech
2017-04-12 21:08 - 2017-04-12 21:08 - 00000320 _____ C:\Users\mikelsoft\Desktop\MyHarmony.appref-ms
2017-04-12 21:08 - 2017-04-12 21:08 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-12 21:07 - 2017-04-28 13:45 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Deployment
2017-04-11 21:24 - 2017-04-11 21:24 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Gapminder Foundation
2017-04-11 21:24 - 2017-04-11 21:24 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Gapminder Foundation
2017-04-11 21:21 - 2017-04-11 21:21 - 00001165 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-04-11 21:21 - 2017-04-11 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-04-11 21:20 - 2017-04-11 21:21 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-04-11 21:19 - 2017-04-11 21:19 - 00001263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gapminder World.lnk
2017-04-11 21:19 - 2017-04-11 21:19 - 00001251 _____ C:\Users\Public\Desktop\Gapminder World.lnk
2017-04-11 21:19 - 2017-04-11 21:19 - 00000000 ____D C:\Program Files\Gapminder World
2017-04-08 14:14 - 2017-04-08 14:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-04-08 14:06 - 2017-04-08 14:06 - 00001018 _____ C:\Users\Public\Desktop\HiSuite.lnk
2017-04-08 14:06 - 2017-04-08 14:06 - 00000000 ____D C:\Users\mikelsoft\Documents\HiSuite
2017-04-08 14:06 - 2017-04-08 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2017-04-08 14:05 - 2017-04-08 14:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Hisuite
2017-04-08 14:05 - 2017-04-08 14:06 - 00000000 ____D C:\Program Files\HiSuite
2017-04-08 14:05 - 2016-11-25 08:15 - 01837296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll
2017-04-08 14:05 - 2016-11-25 08:15 - 00249856 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00112512 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2017-04-08 14:05 - 2016-11-25 08:15 - 00015360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2017-04-07 17:25 - 2017-04-27 17:22 - 01663672 _____ (Malwarebytes) C:\Users\mikelsoft\Desktop\JRT.exe
2017-04-07 17:24 - 2017-04-07 17:28 - 00065993 _____ C:\Users\mikelsoft\Desktop\Additionold.txt
2017-04-07 17:22 - 2017-04-30 12:03 - 00000000 ____D C:\FRST
2017-04-07 17:22 - 2017-04-07 17:28 - 00099866 _____ C:\Users\mikelsoft\Desktop\FRSTold.txt
2017-04-07 17:18 - 2017-04-29 10:47 - 01768448 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 11:32 - 2016-04-11 14:19 - 00000000 ___RD C:\Users\mikelsoft\Dropbox
2017-04-30 11:30 - 2017-02-26 21:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-30 11:30 - 2016-08-19 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-30 11:30 - 2016-08-19 18:09 - 00000000 ____D C:\Users\mikelsoft
2017-04-30 11:30 - 2016-08-19 18:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-30 11:30 - 2015-08-22 21:46 - 00000000 __SHD C:\Users\mikelsoft\IntelGraphicsProfiles
2017-04-30 11:29 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Resources
2017-04-30 02:14 - 2015-10-21 20:54 - 00000000 ____D C:\Users\mikelsoft\.zenmap
2017-04-30 02:14 - 2015-08-22 21:18 - 00000600 _____ C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2017-04-30 01:44 - 2016-12-02 20:26 - 00000000 ____D C:\Users\mikelsoft\AppData\LocalLow\Mozilla
2017-04-29 21:36 - 2015-08-23 23:30 - 00000600 _____ C:\Users\mikelsoft\AppData\Local\PUTTY.RND
2017-04-29 20:05 - 2015-08-23 10:02 - 00000000 ____D C:\my download
2017-04-29 12:32 - 2015-08-22 19:40 - 00000000 ____D C:\download
2017-04-29 12:07 - 2016-09-20 11:26 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-28 19:41 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-28 06:26 - 2016-09-20 11:24 - 00094936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-04-27 20:59 - 2016-02-14 19:26 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-04-27 18:12 - 2016-07-16 04:22 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-27 17:56 - 2015-08-23 22:29 - 00000000 ____D C:\Program Files\TeamViewer
2017-04-27 17:13 - 2016-09-15 19:17 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-27 17:13 - 2015-10-25 14:53 - 00000000 ____D C:\AdwCleaner
2017-04-27 16:55 - 2016-10-16 11:59 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Atlassian
2017-04-27 16:55 - 2016-10-16 11:56 - 00000000 ____D C:\ProgramData\Atlassian
2017-04-27 16:48 - 2016-09-20 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-27 16:45 - 2016-03-11 14:53 - 00380928 _____ C:\Users\mikelsoft\Desktop\gmer.exe
2017-04-27 15:17 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-27 14:30 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-27 14:18 - 2016-09-22 17:12 - 459242511 _____ C:\WINDOWS\MEMORY.DMP
2017-04-27 14:18 - 2016-08-23 13:27 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-27 06:12 - 2016-04-11 14:09 - 00000000 ____D C:\Program Files\Dropbox
2017-04-26 13:03 - 2016-08-19 19:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-26 13:03 - 2016-08-19 18:31 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2017-04-26 13:03 - 2016-08-19 18:31 - 00001908 _____ C:\WINDOWS\diagerr.xml
2017-04-26 12:53 - 2017-02-26 20:18 - 00000000 ____D C:\Users\mikelsoft\Downloads\Intel Components
2017-04-26 11:38 - 2015-08-22 21:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-26 11:21 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2017-04-24 12:12 - 2015-09-26 05:59 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2017-04-24 12:10 - 2017-02-15 01:10 - 00001974 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-04-24 12:10 - 2015-09-26 06:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-04-24 12:10 - 2015-09-26 06:00 - 00000000 ____D C:\Program Files\Sonos
2017-04-24 12:10 - 2015-09-26 05:59 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Downloaded Installations
2017-04-24 12:03 - 2015-08-22 21:05 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP
2017-04-22 14:43 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 14:43 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-19 22:30 - 2015-08-22 21:07 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2017-04-19 22:30 - 2015-08-22 21:07 - 00001104 _____ C:\Users\Public\Desktop\WinSCP.lnk
2017-04-19 22:30 - 2015-08-22 21:07 - 00000000 ____D C:\Program Files\WinSCP
2017-04-18 19:31 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2017-04-15 11:47 - 2016-07-16 19:27 - 00945224 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-15 11:47 - 2016-07-16 19:27 - 00218010 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-15 11:47 - 2015-08-22 22:41 - 02335380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-13 19:11 - 2015-08-22 22:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 19:08 - 2016-08-23 15:15 - 00270160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 19:08 - 2015-08-27 13:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 19:07 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 22:35 - 2015-08-22 23:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 22:27 - 2015-08-27 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-12 22:27 - 2015-08-22 23:04 - 145733648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 13:57 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-09 12:36 - 2015-08-22 20:57 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-06 16:36 - 2015-08-22 21:25 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 16:36 - 2015-08-22 21:25 - 00002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-01 20:52 - 2016-10-14 14:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-10-14 14:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-15 01:11 - 2017-02-15 01:11 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\1c03d32c-a102-4688-8343-028b0b725a54.storage
2017-02-17 14:44 - 2017-02-17 14:44 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\744c8c86-fbb3-43ee-b2fb-910e33acb9a7.storage
2016-07-17 16:22 - 2016-07-17 20:20 - 0000069 _____ () C:\Users\mikelsoft\AppData\Roaming\advinator.ini
2016-01-30 21:22 - 2016-07-17 20:20 - 0012670 _____ () C:\Users\mikelsoft\AppData\Roaming\advo.tmp
2016-01-29 22:24 - 2016-01-10 11:52 - 0533504 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\mikelsoft\AppData\Roaming\curlchk.exe
2016-07-20 11:45 - 2016-10-29 14:01 - 0002194 _____ () C:\Users\mikelsoft\AppData\Roaming\emm_times.ini
2016-02-02 20:57 - 2016-02-03 15:05 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\ftp.bmp
2016-02-02 20:58 - 2016-02-03 15:04 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\loc.bmp
2016-07-17 16:43 - 2016-07-17 16:43 - 0000069 _____ () C:\Users\mikelsoft\AppData\Roaming\observator.ini
2016-01-30 20:12 - 2016-01-30 19:23 - 0360448 _____ (Simon Tatham) C:\Users\mikelsoft\AppData\Roaming\psftp.exe
2016-02-02 20:29 - 2016-02-03 15:08 - 0001782 _____ () C:\Users\mikelsoft\AppData\Roaming\ssh.bmp
2016-05-11 07:57 - 2016-05-11 07:57 - 0001510 _____ () C:\Users\mikelsoft\AppData\Roaming\tiers3.dat
2015-08-22 21:18 - 2017-04-30 02:14 - 0000600 _____ () C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2015-08-23 23:30 - 2017-04-29 21:36 - 0000600 _____ () C:\Users\mikelsoft\AppData\Local\PUTTY.RND
2016-02-12 22:11 - 2016-02-12 22:11 - 0000218 _____ () C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2015-08-22 19:40 - 2015-08-22 19:42 - 0013972 _____ () C:\Users\mikelsoft\AppData\Local\WiDiSetupLog.20150822.194042.wdl
2017-02-14 13:46 - 2017-02-14 13:46 - 0000000 _____ () C:\Users\mikelsoft\AppData\Local\zenmap.exe.log
2016-08-19 18:05 - 2016-08-19 18:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\mikelsoft\AppData\Local\Temp\gkey.exe
2016-10-20 19:26 - 2016-10-20 19:26 - 2458672 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\mikelsoft\AppData\Local\Temp\libeay32.dll
2016-10-20 19:26 - 2016-10-20 19:26 - 0970912 _____ (Microsoft Corporation) C:\Users\mikelsoft\AppData\Local\Temp\msvcr120.dll
2015-03-02 14:25 - 2015-03-02 14:25 - 0027648 _____ () C:\Users\mikelsoft\AppData\Local\Temp\pkeyui.exe
2016-10-20 19:26 - 2016-10-20 19:26 - 0772672 _____ () C:\Users\mikelsoft\AppData\Local\Temp\sqlite3.dll
2015-03-01 19:09 - 2017-04-20 13:20 - 0048848 _____ () C:\Users\mikelsoft\AppData\Local\Temp\wabk.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG

LastRegBack: 2017-04-22 18:45

==================== Ende vom FRST.txt ============================
         
The Mirai bot is based on Linux, and since I have a lot of Internet of Things devices here,
such as cameras and other things that are specifically exposed to these attacks, I thought
this would be relevant.
In any case, I have reset the cameras to factory settings for now and blocked them
completely. I am also logging my outbound network traffic; for this I have
set up several APs and route the suspicious devices through them so that I can capture the traffic.
I just don't understand how to get rid of it. Supposedly by rebooting, since it only lives in RAM??
In any case, several things suggest that I really have caught it,
such as Wi-Fi disruptions and the connection being very slow at times.

Ines

30.04.2017, 11:20   #13
inesa394
 

Laptop Addition

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-04-2017
durchgeführt von mikelsoft (30-04-2017 12:05:23)
Gestartet von C:\Users\mikelsoft\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-08-19 16:34:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2548902348-863574374-2724880110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2548902348-863574374-2724880110-503 - Limited - Disabled)
Gast (S-1-5-21-2548902348-863574374-2724880110-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2548902348-863574374-2724880110-1006 - Limited - Enabled)
inesa (S-1-5-21-2548902348-863574374-2724880110-1003 - Limited - Enabled)
mikelsoft (S-1-5-21-2548902348-863574374-2724880110-1000 - Administrator - Enabled) => C:\Users\mikelsoft
Sonos (S-1-5-21-2548902348-863574374-2724880110-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (Version: 2.7.2.4 - Intel) Hidden
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\{E38C529D-DD73-4002-8489-E09CEBD9BF32}) (Version: 12.2.0.162 - Adobe Systems, Inc)
AIMP (HKLM\...\AIMP) (Version: v4.10.1827, 08.08.2016 - AIMP DevTeam)
Air Monitor 2.44.0 (HKLM\...\REHAU Air Monitor_is1) (Version:  - )
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.4.0 - Sereby Corporation)
Amazon Music (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Arduino (HKLM\...\Arduino) (Version: 1.6.10 - Arduino LLC)
AVR Burn-O-Mat 2.1.2 (HKLM\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
BidCoS Service (HKLM\...\BidCoS Service) (Version: 1.520.0 - eQ-3 Entwicklung GmbH)
BidCoS Service (Version: 1.520.0 - eQ-3 Entwicklung GmbH) Hidden
calibre (HKLM\...\{C94D271E-A338-48CD-A4F6-F031E928BC1F}) (Version: 2.80.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CrystalDiskInfo 7.0.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
Cura 15.04.6 (HKLM\...\Cura_15.04.6) (Version:  - )
Cura 2.4 (HKLM\...\Cura 2.4) (Version: 2.4.0-BETA - Ultimaker)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Dropbox (HKLM\...\Dropbox) (Version: 24.4.17 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.6.4 - CM&V)
EmEditor (32-bit) (HKLM\...\{CA360FEE-642A-4BDE-8C17-10950C90FF7E}) (Version: 16.1.1 - Emurasoft, Inc.)
Eye4 1.3.0.87 (HKLM\...\{DE24BB52-3A46-4ED1-8E57-41E724F6BC74}_is1) (Version:  - Shenzhen VStarcam Technology Co., Ltd)
FileZilla Client 3.19.0 (HKLM\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel)
FreeFileSync 7.8 (HKLM\...\FreeFileSync) (Version: 7.8 - www.FreeFileSync.org)
Gapminder World 0.0.7 (x86 en-US) (HKLM\...\Gapminder World 0.0.7 (x86 en-US)) (Version: 0.0.7 - Gapminder Foundation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HM-1X_Aid_v01 (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\eb209edbb3db51c1) (Version: 1.0.0.1 - HM-1X_Aid_v01)
HomeMatic Config (HKLM\...\HomeMatic Config) (Version: 1.520.0 - eQ-3 Entwicklung GmbH)
HomeMatic Config (Version: 1.520.0 - eQ-3 Entwicklung GmbH) Hidden
HomeMatic Firmware Update Tool (HKLM\...\HomeMatic Firmware Update Tool) (Version: 1.2 - eQ-3 Entwicklung GmbH)
HomeMatic Firmware Update Tool (Version: 1.2 - eQ-3 Entwicklung GmbH) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\Kodi) (Version:  - XBMC-Foundation)
Lenovo EasyCamera (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo System Interface Foundation (HKLM\...\{884BAF97-AC8D-463E-846A-47DD41866A19}) (Version: 1.0.044.00 - Lenovo)
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0032 - Lenovo)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LibreOffice 5.3.2.2 (HKLM\...\{8DA98699-6AD4-49CF-A9A0-B5E7B7981BE6}) (Version: 5.3.2.2 - The Document Foundation)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
moDiag 2.8.602 (HKLM\...\moDiag_is1) (Version: 2.8.602 - Matthias Tieben)
Mozilla Firefox 51.0 (x86 de) (HKLM\...\Mozilla Firefox 51.0 (x86 de)) (Version: 51.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0 - Mozilla)
MPC-HC 1.7.9 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 - MPC-HC Team)
MyHarmony (HKU\S-1-5-21-2548902348-863574374-2724880110-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Nmap 7.40 (HKLM\...\Nmap) (Version: 7.40 - )
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Npcap 0.78 r5 (HKLM\...\NpcapInst) (Version: 0.78 r5 - Nmap Project)
OpenVPN 2.3.12-I602  (HKLM\...\OpenVPN) (Version: 2.3.12-I602 - )
Oracle VM VirtualBox 5.0.26 (HKLM\...\{7A5DA8D4-D4C7-4E60-A4F6-053B7B745901}) (Version: 5.0.26 - Oracle Corporation)
PuTTY release 0.68 (HKLM\...\{55717628-7AE6-4BCF-A046-FA2768945E76}) (Version: 0.68.0.0 - Simon Tatham)
Python 2.7.12 (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (HKLM\...\{A76CC483-4AAB-4DDF-9920-ADBEA8CCDBA2}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Repetier-Host GEEEtech Version 0.90D (HKLM\...\{97593A53-AD51-459B-AA1A-F9ADC826A177}_is1) (Version: 0.90D - )
Repetier-Host Version 1.6.2 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 1.6.2 - repetier)
Repetier-Server (HKLM\...\Repetier-Server) (Version: 0.80.2 - Hot-World GmbH & Co. KG)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
ScanMaster-ELM 4.0.0.2065 DEMO (HKLM\...\{76E1EA66-989B-475A-92AF-F950B49E711E}_is1) (Version: 4.0.0.2065 - WGSoft.de)
Shark007 ADVANCED Codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.3.5 - Shark007)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.103 - Skype Technologies S.A.)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
Strawberry Perl (HKLM\...\{A9F555F9-7368-1014-A275-8A8131843670}) (Version: 5.24.1 - strawberryperl.com project)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TeraCopy 3.0 alfa 3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TP-LINK PLC Utility (HKLM\...\{B0E80E49-FBC8-4A5B-B04C-222CBD95B2F6}) (Version: 2.1.2309 - TP-LINK)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
VeraCrypt (HKLM\...\VeraCrypt) (Version: 1.19 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
WinAVR 20100110 (remove only) (HKLM\...\WinAVR-20100110) (Version: 20100110 - )
Windows 10-Upgrade-Assistent (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\124CD00616895BFBEA8CB26599398B83F46A34C2) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000) (HKLM\...\FE6F385A54D12F7C8459466625BE8A478BA59D47) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - Silicon Laboratories Inc. (silabser) Ports  (11/20/2015 6.7.2.200) (HKLM\...\F189C013BFD9D0C73BEC97AD2CFF0CF7CAD1E670) (Version: 11/20/2015 6.7.2.200 - Silicon Laboratories Inc.)
WinSCP 5.9.5 (HKLM\...\winscp3_is1) (Version: 5.9.5 - Martin Prikryl)
Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM\...\xampp) (Version: 7.1.1-0 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2548902348-863574374-2724880110-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0377F02E-3498-4667-B82E-826A885113DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => %ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {06237F7B-F668-4676-8E8C-E25B7436678A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {12C5C19E-0885-4EA7-909F-026A1548AF6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {1867A585-2F52-4D38-8E86-F86EB32197D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1A5ED7B2-111C-47A5-A96B-DB25C69C9490} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-11] (Dropbox, Inc.)
Task: {1F902CFC-1124-4724-91DE-A353953457EB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {292FCDD1-9D5C-49ED-B718-0FE8E678BA9C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {2B62041A-4FF0-4B3C-A1FA-C2672742675A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {32CBE677-2C37-4473-ADC1-1CB119634BAD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {38E23F37-D469-4049-B105-1A8340E7DEDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4CE1A7EB-231B-4886-B425-7538255561D5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {61525B3A-0D5C-42F4-8E8E-0DFFD1164FB8} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {655B0218-B3CC-4D9F-9EE4-D88810D8CAC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {65BAC873-C05D-4DF9-BB29-88E302DA43D2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {6FA20866-D02D-430A-946E-33C1890D2957} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {79FF03A4-0AE0-44EA-A244-905978B93F45} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7A6D1F88-3A2C-45FC-B59B-D4FEF7544F2E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7A804AA4-37B0-4C6E-80E2-85FE188711CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7B10773D-8702-467F-8AC8-D29BE949B8F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8089CE3A-8F1B-4838-B52A-432223D02DF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {8257A8FF-3FB4-4199-AB0A-8ACD0248239F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {877EFC97-A0F2-4DA4-85D8-92EEA6FFEBB4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {8DD50DFB-7505-4E45-83DF-52E6F58F1502} - System32\Tasks\{BF72A7F3-5D5F-467E-8689-F6DDECD9B042} => pcalua.exe -a "C:\Program Files\HHD Software\Free Serial Port Monitor\Device Monitor.exe" -d C:\WINDOWS\system32
Task: {8FEC6C1E-BEA9-47CD-800D-2E69E1484065} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {965B5063-C134-4D6D-8B7F-C5074EA8CC36} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {97F98AD6-6CAA-4B7F-AA59-BCFCC30B667F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {A3B7F2EE-A44E-4D0D-9810-C6864D8F7F43} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-11] (Dropbox, Inc.)
Task: {AC2D2009-08D5-4CF6-AA65-4EAFCBF70D18} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {B3EFB582-2F42-43EB-83D5-5DF76200226E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {CA600D2D-67EE-4155-9EB3-6FCCCD8D62BD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E5142F3B-8817-4014-9629-1FB94A04A2A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E6191B27-A255-4DFD-AD90-8477DE4B1DF4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {E8A89E63-9557-48F1-845A-1A36659B9F18} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {EF0FBDAC-78B6-4C1C-80D4-C615A272681B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F41A1E5F-5B26-44D6-9593-8AA87BCBEC66} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {F6CE5A4B-88C1-4CDD-BC3D-73FD36CC782A} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {FC61C30F-702E-407E-A5C6-FF9D4A9C968A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {FEBC1984-C596-4261-B534-58EB147BE31A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => sc control iMControllerService 128

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm

ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Advanced REST client.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hgmloofddffdnphfgcellkdfbfbjeloo
ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Codebender App.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-23 00:02 - 2015-08-23 00:02 - 00216992 _____ () C:\Windows\System32\iMDriverHelper.dll
2016-09-20 11:37 - 2017-03-17 15:49 - 00019184 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
2015-12-07 17:29 - 2015-12-07 17:29 - 00598016 _____ () C:\Program Files\BidCoS Service\rfd.exe
2015-12-07 17:18 - 2015-12-07 17:18 - 00137216 _____ () C:\Program Files\BidCoS Service\xmlrpc.dll
2015-12-07 17:24 - 2015-12-07 17:24 - 00245248 _____ () C:\Program Files\BidCoS Service\libhsscomm.dll
2015-12-07 17:23 - 2015-12-07 17:23 - 00093184 _____ () C:\Program Files\BidCoS Service\elvutils.dll
2015-12-07 17:18 - 2015-12-07 17:18 - 00028160 _____ () C:\Program Files\BidCoS Service\xmlparser.dll
2015-12-07 17:18 - 2015-12-07 17:18 - 00027648 _____ () C:\Program Files\BidCoS Service\pthread.dll
2016-11-27 17:53 - 2016-11-27 17:53 - 05940584 _____ () C:\Program Files\Repetier-Server\bin\RepetierServer.exe
2016-11-25 08:16 - 2016-11-25 08:16 - 00155848 _____ () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
2017-04-12 22:06 - 2017-03-28 08:15 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-08-23 09:19 - 2015-04-21 21:55 - 02308608 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2004-09-30 19:09 - 2004-09-30 19:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2017-02-13 00:31 - 2017-02-13 00:31 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-08-19 20:38 - 2016-08-19 20:38 - 00679624 _____ () C:\Users\mikelsoft\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2016-06-27 17:25 - 2016-06-27 17:25 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 23:59 - 2017-03-04 08:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 23:58 - 2017-03-04 08:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 23:58 - 2017-03-04 07:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-22 12:46 - 2016-08-06 05:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 22:06 - 2017-03-28 07:10 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 22:06 - 2017-03-28 07:11 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-27 06:10 - 2017-04-26 19:59 - 00870720 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2017-04-27 06:10 - 2017-03-29 01:54 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00019776 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00020824 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01729360 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2017-04-27 06:10 - 2017-03-29 01:56 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022864 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00060736 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00038712 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00392656 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2017-04-27 06:10 - 2017-03-29 01:56 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00392512 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00246608 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00027488 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-27 06:10 - 2017-03-29 01:55 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022336 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00025432 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01826104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-27 06:10 - 2017-03-29 01:54 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 01972024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 03928896 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00171336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00042816 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00531264 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00133432 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00224064 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00207680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00054608 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022864 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00069968 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00021848 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-27 06:10 - 2017-03-29 01:56 - 00349128 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00103232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00023896 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00025936 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-04-27 06:10 - 2017-03-29 01:52 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00033112 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-04-27 06:10 - 2017-03-22 19:47 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00084288 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-27 06:10 - 2017-04-26 20:02 - 00030536 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-04-27 06:10 - 2017-03-29 02:00 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2017-04-27 06:10 - 2017-03-29 02:00 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2017-04-27 06:10 - 2017-04-26 20:02 - 00357688 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-27 06:10 - 2017-04-26 20:02 - 00546104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-29 05:13 - 2016-06-29 05:13 - 01708072 _____ () C:\Program Files\EmEditor\emedres.dll
2016-06-29 19:24 - 2016-06-29 19:24 - 00444456 _____ () C:\Program Files\EmEditor\mui\1031\emedloc.dll
2017-04-06 16:36 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 16:36 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll
2015-07-20 17:34 - 2015-07-20 17:34 - 00012288 _____ () C:\Program Files\No-IP\ducservice.exe
2015-07-20 17:34 - 2015-07-20 17:34 - 00073728 _____ () C:\Program Files\No-IP\ducapi.dll
2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
2016-07-28 11:13 - 2016-07-20 23:41 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 00067584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 11:00 - 2017-04-26 11:01 - 00162304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 30891008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 11:00 - 2017-04-26 11:01 - 01737216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\skypert.dll
2016-07-07 15:21 - 2016-07-07 15:21 - 00025472 _____ () C:\Program Files\Lenovo\System Update\TvsuCommandLauncher.exe
2016-07-07 15:21 - 2016-07-07 15:21 - 00031104 _____ () C:\Program Files\Lenovo\System Update\UNCServer.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:C68DE4A3 [215]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2548902348-863574374-2724880110-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B7C5D91-CE31-4EB0-926A-060DC43C463D}] => (Block) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [{25A90115-178A-42BD-9D22-0A0EF91F31FD}] => (Block) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{2A6FABB8-A310-4FF9-9908-A693DD97B8D9}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{49CA917D-535A-4DB9-A42B-2FBB2FC1C498}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{C8015BE9-D2C5-49D8-B8A8-856F3D195F31}C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe] => (Allow) C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe
FirewallRules: [TCP Query User{284C2AC7-1527-4A07-9B75-F1C3F9335198}C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe] => (Allow) C:\my download\hootoo\ipcsearch-windows pc search software\ipcsearch.exe
FirewallRules: [{FC2E5481-2F87-4313-8D7F-0084B1D31A57}] => (Block) %ProgramFiles%\EmEditor\EmEditor.exe
FirewallRules: [{9B90E0E6-572F-4E00-A241-E3D52CC69F26}] => (Block) %ProgramFiles%\EmEditor\EEAdmin.exe
FirewallRules: [{CD9DF409-1068-433B-952A-3C7BAA4B2DA2}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [UDP Query User{B2316DE8-3664-4F1E-9AC0-62F0B4C6EF4F}C:\program files\homematic firmware update tool\lanif_config_gui.exe] => (Allow) C:\program files\homematic firmware update tool\lanif_config_gui.exe
FirewallRules: [TCP Query User{9A5F8E85-2F4F-4EAA-909F-743117458428}C:\program files\homematic firmware update tool\lanif_config_gui.exe] => (Allow) C:\program files\homematic firmware update tool\lanif_config_gui.exe
FirewallRules: [UDP Query User{C3D68551-8DDA-48BC-B6CE-6A21B10257C9}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [TCP Query User{527B5744-D6CA-4FBE-81EF-F3A334E3DEA5}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [UDP Query User{4BA570F0-50E4-4B14-A687-EEDAD39F95EE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{11389AF6-F482-4371-AC91-C79B321FB8DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7432CD3A-381D-489C-A1FA-39A6EE46F731}C:\program files\bidcos service\rfd.exe] => (Allow) C:\program files\bidcos service\rfd.exe
FirewallRules: [TCP Query User{34563280-4E8A-4B48-9423-8FD1C6074CA1}C:\program files\bidcos service\rfd.exe] => (Allow) C:\program files\bidcos service\rfd.exe
FirewallRules: [UDP Query User{D3F5C7C4-38AA-4090-A4D0-6EBF2E4C78F2}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [TCP Query User{F2143A7F-E505-4EBD-9735-21D4075CA9B8}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{BF88E184-94A6-4CFD-91DA-1C8226BD4ED8}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{86F7E1CF-84AA-47CC-85FE-E3A081E30FE8}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{22DF8DF2-C1B3-4C58-A079-8DD182734669}C:\my download\app-pnp-upgrade.exe] => (Allow) C:\my download\app-pnp-upgrade.exe
FirewallRules: [TCP Query User{BBB86216-A5B8-4BCE-929B-BE687F9D5F39}C:\my download\app-pnp-upgrade.exe] => (Allow) C:\my download\app-pnp-upgrade.exe
FirewallRules: [UDP Query User{C6EEC503-8351-49E9-A34C-ACD198A7DA92}C:\program files\eye cloud\superipcam.exe] => (Allow) C:\program files\eye cloud\superipcam.exe
FirewallRules: [TCP Query User{7A28E7F7-7115-4E2F-B08D-BCDD2AA9D227}C:\program files\eye cloud\superipcam.exe] => (Allow) C:\program files\eye cloud\superipcam.exe
FirewallRules: [UDP Query User{DBD5AF06-115F-4C2C-BCA3-0105DF7D583F}C:\program files\bel\realterm\realterm.exe] => (Allow) C:\program files\bel\realterm\realterm.exe
FirewallRules: [TCP Query User{70A6EE6E-7445-4B34-B9E2-45C8C831F0CA}C:\program files\bel\realterm\realterm.exe] => (Allow) C:\program files\bel\realterm\realterm.exe
FirewallRules: [UDP Query User{3AD8B6FF-98B6-4D4D-B5C4-565B92DAB07B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{97FDDA5D-7EAF-4150-AF15-DA01332D85F5}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7E92F895-7B5F-4063-A05B-44E98C7DD891}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{3464B5E6-A77A-4C47-ABAF-CCDFF6F0DB74}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E489BD1F-416B-47D5-BDF8-B1A06BCDB805}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BE23353D-689D-478C-9601-1300CC4A2ED5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{5D3C9633-A847-4848-A312-C4BD4ACC0921}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2FCE2165-AB9D-4247-A3DD-09D977242B31}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6C7E1546-64E3-4A59-A0CD-01B57382E25E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{48DF1B7F-E338-497D-8565-050EDF39EAB6}] => (Allow) C:\Program Files\DVBViewer\dvbviewer.exe
FirewallRules: [{C1E29778-E45A-47E2-B73C-8F0618B4CD70}] => (Allow) C:\Program Files\DVBViewer\dvbviewer.exe
FirewallRules: [{A00C6113-EEFB-48B4-B87E-4DCB60B9144D}] => (Allow) %ProgramFiles%\DVBViewer\dvbviewer.exe
FirewallRules: [{9AC755CD-4FB2-45DF-9D7B-1996178A35F3}] => (Allow) LPort=8089
FirewallRules: [{C49BEC67-BD54-4EED-BA37-DA2CFA3F2CEE}] => (Allow) LPort=8089
FirewallRules: [TCP Query User{D7631753-F20B-46A6-B0BD-E4460041DD6B}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [UDP Query User{81A88F54-D151-4F5B-9FF9-D3ED40C3909C}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [TCP Query User{5D4370F8-6274-4626-AF2D-7570A221F64C}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{91E5357A-885C-4AEE-B75B-FD0896486D4D}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{6C290331-8F4C-4CC3-BD86-7920A26F2961}] => (Allow) C:\Program Files\BidCoS Service\lanif_config.exe
FirewallRules: [{7BEC1A79-2440-4861-A94D-F252F0252BD6}] => (Allow) C:\Program Files\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{BEEBEA70-7806-445C-A5CD-9C6D26778A73}] => (Allow) C:\Program Files\BidCoS Service\lanif_config.exe
FirewallRules: [{484BEEE0-9D5D-4526-977C-AA1B43A7DB67}] => (Allow) C:\Program Files\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{3491F92F-170C-4FFA-BFC5-B3E339092A09}] => (Allow) C:\Program Files\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{C80F8CE1-F224-48BD-85E8-5437939E4832}] => (Allow) C:\Program Files\HomeMatic Config\rfd.exe
FirewallRules: [{B7D86E20-870E-41C4-9D60-CD289C908DAC}] => (Allow) C:\Program Files\HomeMatic Config\hm_config.exe
FirewallRules: [{23FFC881-F2EB-4716-86E7-E8D63095B30A}] => (Allow) C:\Program Files\HomeMatic Config\tclsh85t.exe
FirewallRules: [{47D3F39F-4E22-4B6C-90C3-56088C52D346}] => (Allow) C:\Program Files\HomeMatic Config\hm_config.exe
FirewallRules: [{5D16CDCC-818F-4235-8473-CA91A11529B4}] => (Allow) C:\Program Files\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{9E61B4B2-6726-44A8-A69C-04AC4060F667}] => (Allow) C:\Program Files\HomeMatic Config\tclsh85t.exe
FirewallRules: [{BA1997AA-ABFE-44D5-98C9-5655EC302D81}] => (Allow) C:\Program Files\HomeMatic Config\rfd.exe
FirewallRules: [{98EF2316-D886-489C-8F79-A9050631DDCD}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{BD181A1E-187B-47F4-A0CB-E2BB79EF9612}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{B3737FE3-9F57-4002-90EF-0F34C010CC8B}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{227C35E3-7729-4B34-99F7-CBC2136DA7AA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{B59FF07D-215B-4058-9A0B-7F1AA137B83C}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [UDP Query User{2F3E32C9-8DEF-42CE-BA6F-DE94D0A35CEB}C:\program files\cura 2.3\cura.exe] => (Allow) C:\program files\cura 2.3\cura.exe
FirewallRules: [{039F2A76-2AE9-4C68-85E4-4693439DA6C5}] => (Allow) C:\Program Files\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{2CD590FD-E08E-4165-B751-435C4015F475}] => (Allow) C:\Program Files\Repetier-Server\bin\RepetierServer.exe
FirewallRules: [{BE1B4D9E-A2F1-4456-BAC3-F153CAB77DE0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D4FA499F-E783-4762-9136-84EFB862B3FC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{098502C5-C944-4D76-9216-2D3E7698FA94}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{79C78CB2-77CA-40B8-B946-C0B9D1358021}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C32D134F-D4D0-4593-A3D9-E364C28B1E8B}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{4AADD78B-1BC2-463D-AF9E-D140BEDAB835}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{0393C0A7-1AA4-4072-90D0-95F41FEA6098}] => (Block) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{10BEDF9D-EFD5-4251-941E-71EA87312A47}] => (Block) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{839AA6C4-5853-4EA5-9700-34119B2AC9DC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{C782AA57-5485-497D-B983-EEFEC5227F10}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{5E5B0DAE-F45D-40BB-A15C-7585E8D3206F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{574A02A5-B3B4-4E5A-9851-D9DC4993AE19}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{77A2996D-4EB8-461C-8F17-FF703B2252DA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CE11FF57-BC87-4E0F-94E7-93EAFD01BA9C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{88D82540-0EBE-4552-818E-0A1EACA772DD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{13C29023-23C3-4350-90E0-85871909C035}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{CF9940F1-656F-4450-AFD4-AD65D1853FE7}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{DB26DFD9-7672-4BB8-9C40-C21D555E2E2E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

11-04-2017 21:19:00 Installed LibreOffice 5.3.2.2
21-04-2017 20:32:15 Geplanter Prüfpunkt
26-04-2017 11:37:11 Intel® Driver Update Utility
27-04-2017 16:52:42 Removed SourceTree
27-04-2017 17:23:34 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Npcap Loopback Adapter
Description: Microsoft Loopbackadapter für KM-TEST
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/30/2017 11:42:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\crystaldiskinfo\DiskInfo64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 11:41:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\FreeFileSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 11:41:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\RealtimeSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 11:41:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\arduino\drivers\dpinst-amd64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 11:39:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Cura 2.4\arduino\dpinst64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 11:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Cura_15.04.6\drivers\dpinst64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 11:59:03 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=6CKHM
ACID=?
Genauer Fehler[?]

Error: (04/29/2017 10:29:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\crystaldiskinfo\DiskInfo64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:28:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\FreeFileSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2017 10:28:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freefilesync\bin\RealtimeSync_x64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (04/30/2017 11:46:42 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FHEM",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{5F9C7367-C98F-4327-AF9C-709124AF5686}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/30/2017 11:34:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (04/30/2017 11:30:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 11:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 11:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 11:30:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎04.‎2017 um 02:14:18 unerwartet heruntergefahren.

Error: (04/30/2017 02:15:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (04/29/2017 09:09:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.241.745.0)

Error: (04/29/2017 10:30:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (04/27/2017 07:21:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-02-22 19:16:56.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 19:16:56.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 19:16:56.207
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-20 16:13:46.395
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.294
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-18 21:39:54.225
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-17 15:57:59.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8108.36 MB
Verfügbarer physikalischer RAM: 5036.41 MB
Summe virtueller Speicher: 16300.36 MB
Verfügbarer virtueller Speicher: 12468.83 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:464.34 GB) (Free:277.45 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=464.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende vom Addition.txt ============================
         
--- --- ---

30.04.2017, 12:06   #14
inesa394

Computer 2 FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2017
durchgeführt von mikelsoft (Administrator) auf MIKELSOFT-PC (30-04-2017 13:01:41)
Gestartet von C:\Users\mikelsoft\Desktop
Geladene Profile: mikelsoft (Verfügbare Profile: mikelsoft & Acronis Agent User & fhem & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1703 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igfxCUIService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
() C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
() C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(CM & V) C:\Program Files\DVBViewer\DVBVservice.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe
() C:\Program Files\No-IP\ducservice.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server Interface.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acronis International GmbH) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
() C:\Program Files\No-IP\DUC40.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBVCtrl.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(rejetto) G:\download\hfs285.exe
(Crystal Dew World) C:\systemtest\CrystalDiskInfo6_5_2\DiskInfo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [589104 2017-04-08] ()
HKLM\...\Run: [FileZilla Server Interface] => C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (FileZilla Project)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [PowerDVD16Agent] => C:\Program Files\CyberLink\PowerDVD16\PowerDVD16Agent.exe [516296 2016-03-14] (CyberLink Corp.)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-02-14] (Acronis International GmbH)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5110240 2017-04-08] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8156672 2017-03-30] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4360392 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr Inc\Raptr\raptrstub.exe [58584 2017-02-01] (Raptr, Inc)
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Run: [NoIPDUCv4] => C:\Program Files\No-IP\DUC40.exe [346624 2014-05-03] ()
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Run: [DVBV Service Ctrl] => C:\Program Files\DVBViewer\DVBVCtrl.exe [84120 2016-11-14] (CM&V Hackbart)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2017-03-02] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk [2014-12-16]
ShortcutTarget: Deluge.lnk -> G:\Deluge\deluge.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GSB_Script_AllinOne.ahk [2014-12-27] ()
Startup: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HFS.lnk [2015-01-01]
ShortcutTarget: HFS.lnk -> G:\download\hfs285.exe (rejetto)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Windows\system32\wlidnsp.dll [43008 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Windows\system32\wlidnsp.dll [43008 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{60df89d1-1065-4913-84d6-e1accae2cad5}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{d007382c-8e5a-4211-a963-c95fb310769c}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001 -> ist aktiviert.
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.11.0.0_neutral__c1wakc4j0nefm [2017-02-17]
Edge Extension: (Pin It Button) -> EdgeExtension_PinterestPinItButton_xnkra2w3aecd0 => C:\Program Files\WindowsApps\Pinterest.PinItButton_1.39.5.0_neutral__xnkra2w3aecd0 [2016-10-03]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2016-10-13]
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1608.26.0_neutral__343d40qqvtj1t [2016-10-03]

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default [2017-04-30]
FF Homepage: Mozilla\Firefox\Profiles\sm15rvc6.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\sm15rvc6.default -> ist aktiviert.
FF Extension: (Forecastfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-05-10]
FF Extension: (Flagfox) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-04-19]
FF Extension: (PDF Download) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-27]
FF Extension: (Gmail Manager) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2016-05-10]
FF Extension: (Download Status Bar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-09-27]
FF Extension: (NoScript) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-22]
FF Extension: (ImTranslator) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-01-07]
FF Extension: (WOT) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: (Video DownloadHelper) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Download Statusbar) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2016-05-10]
FF Extension: (Tab Mix Plus) - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-15]
FF SearchPlugin: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\suche.xml [2014-01-22]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-08-22] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f056386a-ace8-4385-b788-b001646a9ec1&searchtype=hp&installDate=20/05/2013","hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1438291744&z=835a089035872680a155b5eg1zfcbb0odtdofe7oeq&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.istartsurf.com/?type=hppp&ts=1438291805&z=396efe5531988c07fea5102g8z3c4bfo6t8o8e4beb&from=smt&uid=CorsairXForceX3XSSD_11476502000008951204","hxxp://www.google.com"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default [2017-04-27]
CHR Extension: (Google*Übersetzer) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-03-17]
CHR Extension: (Google Präsentationen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (h264ify) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2016-08-17]
CHR Extension: (Google Docs) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-17]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-19]
CHR Extension: (TV) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-01-23]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-31]
CHR Extension: (YouTube) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-17]
CHR Extension: (Adblock Plus) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-31]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-01-23]
CHR Extension: (Adblock für Youtube™) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-04-23]
CHR Extension: (Google-Suche) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-17]
CHR Extension: (XJZ Survey Remover) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh [2015-01-23]
CHR Extension: (Google Tabellen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Uhr) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (AdBlock) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-23]
CHR Extension: (In Google Drive speichern) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-01-23]
CHR Extension: (Google Play Music) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-08-17]
CHR Extension: (Chrome to Mobile) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2015-01-23]
CHR Extension: (Dropbox) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-08-02]
CHR Extension: (Yahoo Partner) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2017-03-19]
CHR Extension: (Erweiterte Startseite) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2015-08-02]
CHR Extension: (Google Maps) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-03-17]
CHR Extension: (Codebender App) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\magknjdfniglanojbpadmpjlglepnlko [2016-08-17]
CHR Extension: (Google Mail-Checker) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-23]
CHR Extension: (Radio Receiver) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\miieomcelenidlleokajkghmifldohpo [2016-08-17]
CHR Extension: (Downloads) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-31]
CHR Extension: (Picasa) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-01-23]
CHR Extension: (Google Mail) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-23]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcronisActiveProtectionService; C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [1492904 2017-03-24] (Acronis International GmbH)
S3 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [1914768 2010-11-30] (Acronis)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [1060328 2017-04-08] ()
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-04-19] ()
R2 BubbleUPnP Server; C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe [420352 2014-07-24] () [Datei ist nicht signiert]
S4 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\IntelCpHeciSvc.exe [284112 2016-08-27] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\IntelCpHDCPSvc.exe [359888 2016-08-27] (Intel Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
S2 DMS; C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe [4638352 2010-11-30] (Acronis)
R2 DVBVRecorder; C:\Program Files\DVBViewer\DVBVservice.exe [867992 2016-11-14] (CM & V)
S3 Emby; C:\Users\mikelsoft\AppData\Roaming\Emby-Server\system\MediaBrowser.ServerApplication.exe [148448 2017-04-22] ()
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (FileZilla Project)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igfxCUIService.exe [261072 2016-08-27] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [737576 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 mmsminisrv; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [4795288 2017-02-13] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files\Acronis\TrueImageHome\mobile_backup_status_server.exe [1617520 2017-04-08] ()
R2 NoIPDUCService4; C:\Program Files\No-IP\ducservice.exe [11776 2014-05-03] () [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [33080 2015-08-04] (The OpenVPN Project)
R2 PlaysService; C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7014728 2017-03-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [55808 2015-02-17] (Code Sector) [Datei ist nicht signiert]
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3458952 2012-05-29] (RealVNC Ltd)
S3 w7Svc; C:\Program Files\webcam 7\wService.exe [5256512 2013-11-29] (Moonware Studios) [Datei ist nicht signiert]
S3 wampapache; c:\wamp\bin\apache\apache2.4.23\bin\httpd.exe [26112 2016-07-01] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [842752 2017-03-18] (Microsoft Corporation)
S4 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]
S2 AMD FUEL Service; "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService [X]
S4 RemShutDownSvc; C:\Windows\System32\remsdnsv.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [17608 2016-02-26] (Advanced Micro Devices, Inc.)
S0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices)
S0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices)
S3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R3 BthLEEnum; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [78848 2017-03-18] (Microsoft Corporation)
R3 DDBaseNg; C:\WINDOWS\system32\DRIVERS\DDBaseNg.sys [70528 2017-01-17] (Digital Devices GmbH)
R3 DDCapture; C:\WINDOWS\system32\DRIVERS\DDCapture.sys [14848 2017-01-17] (Digital Devices GmbH)
R3 DDTuner; C:\WINDOWS\system32\DRIVERS\DDTuner.sys [192384 2017-01-17] (Digital Devices GmbH)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-10] (Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [367448 2017-04-19] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [284504 2017-04-19] (Acronis International GmbH)
S3 HWiNFO32; C:\Users\mikelsoft\AppData\Local\Temp\HWiNFO32.SYS [23840 2017-04-22] (REALiX(tm)) <==== ACHTUNG
S3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh.inf_x86_772bc7bcc8c1c0c4\igdkmd32.sys [9666512 2016-08-27] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [46584 2015-12-07] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [37880 2015-12-07] (Intel Corporation)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [220088 2017-04-30] (Malwarebytes)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [177760 2016-09-22] (Intel Corporation)
R3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1824256 2017-03-18] (MediaTek Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [795656 2016-08-23] (Realtek                                            )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [23040 2014-11-05] (The OpenVPN Project)
R3 teamviewervpn; C:\WINDOWS\System32\drivers\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [828248 2017-04-19] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [166232 2017-04-19] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [472920 2017-04-19] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [248664 2017-04-19] (Acronis International GmbH)
R1 vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [24504 2016-03-14] (CyberLink Corp.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [26824 2014-08-12] (CyberLink Corp.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 12:49 - 2017-04-30 13:01 - 00031110 _____ C:\Users\mikelsoft\Desktop\FRST.txt
2017-04-30 12:24 - 2017-04-30 12:24 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\NetworkTiles
2017-04-27 17:24 - 2017-04-27 17:22 - 01663672 _____ (Malwarebytes) C:\Users\mikelsoft\Desktop\JRT.exe
2017-04-27 17:14 - 2017-04-27 17:14 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\325A2073.sys
2017-04-27 17:09 - 2017-04-27 17:09 - 00001264 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-27 17:09 - 2017-04-27 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-27 17:09 - 2017-04-27 17:09 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-27 17:09 - 2017-04-27 16:57 - 04102600 _____ C:\Users\mikelsoft\Desktop\adwcleaner_6.046.exe
2017-04-27 17:09 - 2017-04-27 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\mikelsoft\Desktop\OTL.exe
2017-04-26 20:12 - 2017-04-26 20:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Xbmccustomregis
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\WINDOWS\ShellNew
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-04-26 20:10 - 2017-04-26 20:10 - 00000000 ____D C:\Program Files\AutoHotkey
2017-04-26 16:56 - 2017-04-26 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-04-23 14:31 - 2017-04-23 14:31 - 00000000 ____D C:\Program Files\DigitalDevices
2017-04-22 19:07 - 2017-04-22 19:07 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Emby
2017-04-22 19:07 - 2017-04-22 19:07 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Emby-Server
2017-04-22 19:06 - 2017-04-22 19:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Emby-InstallLogs
2017-04-22 17:50 - 2017-04-22 17:50 - 00000000 ____D C:\wamp
2017-04-20 19:44 - 2017-03-18 20:18 - 00954600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winloadp.exe
2017-04-20 19:43 - 2017-04-01 02:38 - 05862296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnx.exe
2017-04-20 19:27 - 2017-04-20 19:27 - 00000000 ____D C:\Patch
2017-04-20 18:25 - 2017-04-20 19:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-20 17:26 - 2017-04-20 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-04-20 17:21 - 2017-04-20 17:21 - 00017310 _____ C:\WINDOWS\system32\results.xml
2017-04-20 17:20 - 2017-04-23 22:41 - 00000000 __SHD C:\Users\mikelsoft\IntelGraphicsProfiles
2017-04-20 16:53 - 2017-04-20 16:53 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-04-20 16:53 - 2017-04-20 16:53 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-04-20 16:52 - 2017-04-20 17:20 - 00000000 ____D C:\Intel
2017-04-20 16:09 - 2016-08-23 04:19 - 00795656 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x86.sys
2017-04-20 16:09 - 2016-08-23 04:19 - 00085616 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp32.dll
2017-04-20 16:07 - 2017-04-20 16:53 - 00000000 ____D C:\Program Files\Intel
2017-04-20 16:07 - 2017-04-20 16:08 - 00000000 ____D C:\ProgramData\Intel
2017-04-20 16:07 - 2017-04-20 16:07 - 00000000 ____D C:\Users\mikelsoft\Intel
2017-04-20 16:07 - 2017-04-20 16:07 - 00000000 ____D C:\Program Files\Common Files\PostureAgent
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\DAX3
2017-04-20 16:06 - 2017-04-20 16:06 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-04-20 16:06 - 2017-03-30 01:36 - 01279312 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo32.dll
2017-04-20 16:06 - 2017-03-30 01:36 - 00562416 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo32.dll
2017-04-20 16:06 - 2017-03-30 01:36 - 00390936 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 02800320 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 01400800 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 01074048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00860512 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo2.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00794792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo32.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00401040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00357152 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSXT.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00196008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSHD.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00183608 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP360.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00150552 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00144680 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-04-20 16:06 - 2017-03-30 01:35 - 00067744 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\TepeqAPO.dll
2017-04-20 16:06 - 2017-03-30 01:32 - 00232744 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp32.dll
2017-04-20 16:05 - 2017-04-20 16:09 - 00000000 ____D C:\Program Files\Realtek
2017-04-20 16:05 - 2017-04-20 16:07 - 00000000 ___HD C:\Program Files\Temp
2017-04-20 16:05 - 2017-03-30 01:34 - 03173736 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 02558352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApoApi.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00936608 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00911080 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00876400 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00740560 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00736936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00480792 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO32.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00225040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00083632 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM.dll
2017-04-20 16:05 - 2017-03-30 01:34 - 00078480 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 03082024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 01531672 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 01313120 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00688224 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00645816 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00615864 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00471280 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00371808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00364016 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00363416 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00327944 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00316424 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00307232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT32.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00307232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA32.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00221904 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00214664 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00214664 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00200728 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00181224 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00116648 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00101616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00088272 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00074376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG32A.dll
2017-04-20 16:05 - 2017-03-30 01:33 - 00071704 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes.dat
2017-04-20 16:05 - 2017-03-30 01:32 - 07170864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 07053688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 04397056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHDA.sys
2017-04-20 16:05 - 2017-03-30 01:32 - 04244224 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 02946560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSndMgr.cpl
2017-04-20 16:05 - 2017-03-30 01:32 - 02906624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkPgExt.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 02156032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoInstII.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01824912 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01512312 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01239800 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01225568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01104832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 01024008 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00881152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00669584 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00402064 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00387616 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00367352 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00322056 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00285624 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO32A.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00232416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA32.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229584 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229584 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00229032 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00130296 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00101320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00096600 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-04-20 16:05 - 2017-03-30 01:32 - 00022152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR.dll
2017-04-20 16:05 - 2017-03-30 01:31 - 00197432 _____ C:\WINDOWS\system32\AcpiServiceVnA.dll
2017-04-20 16:05 - 2017-03-29 20:08 - 12733323 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-04-20 16:05 - 2017-03-29 20:08 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-04-20 16:05 - 2016-09-22 08:55 - 02839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2017-04-20 00:45 - 2017-04-20 00:45 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2017-04-20 00:31 - 2017-04-20 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2017-04-19 21:19 - 2017-04-19 21:19 - 00000000 ____D C:\Users\mikelsoft\Desktop\TrueImageReadme
2017-04-19 21:11 - 2017-04-19 21:11 - 00000000 ____D C:\Program Files\Bonjour
2017-04-19 21:10 - 2017-04-19 21:10 - 00367448 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2017-04-19 21:10 - 2017-04-19 21:10 - 00284504 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2017-04-19 21:10 - 2017-04-19 21:10 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2017-04-19 21:09 - 2017-04-19 21:09 - 00828248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib1192.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00472920 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00271704 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman2542.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00248664 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00166232 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00139096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2275.sys
2017-04-19 21:09 - 2017-04-19 21:09 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2017-04-19 21:09 - 2017-04-19 21:09 - 00001232 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2017-04-19 21:09 - 2017-04-19 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-04-19 21:07 - 2017-04-19 22:14 - 00000000 ____D C:\ProgramData\Acronis
2017-04-19 20:52 - 2017-04-19 20:52 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\77665653.sys
2017-04-19 01:19 - 2017-04-19 01:19 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\{1EB528E9-3A1D-4451-5785-61B973ED9D21}
2017-04-19 01:13 - 2017-04-19 01:13 - 00002301 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 17.lnk
2017-04-19 01:13 - 2017-04-19 01:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 17
2017-04-19 01:06 - 2017-04-19 01:06 - 00000000 ____D C:\ProgramData\install_backup
2017-04-19 00:47 - 2017-04-19 00:47 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\CyberLink
2017-04-19 00:34 - 2017-04-19 00:34 - 00002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD.lnk
2017-04-19 00:34 - 2017-04-19 00:34 - 00002301 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 16.lnk
2017-04-15 12:32 - 2017-04-26 17:21 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-13 17:36 - 2017-04-13 17:36 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\DBG
2017-04-12 18:04 - 2017-04-12 18:04 - 00000320 _____ C:\Users\mikelsoft\Desktop\MyHarmony.appref-ms
2017-04-12 18:04 - 2017-04-12 18:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-12 18:04 - 2017-04-12 18:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Logitech
2017-04-12 18:03 - 2017-04-22 19:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Deployment
2017-04-12 00:00 - 2017-04-12 00:00 - 00000020 ___SH C:\Users\Acronis Agent User\ntuser.ini
2017-04-11 20:39 - 2017-04-01 02:57 - 01432296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-11 20:39 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-11 20:39 - 2017-04-01 02:57 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-11 20:39 - 2017-04-01 02:38 - 05862296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-11 20:39 - 2017-04-01 02:30 - 02023320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-11 20:39 - 2017-04-01 02:30 - 00341920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-11 20:39 - 2017-04-01 02:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-11 20:39 - 2017-04-01 02:29 - 00169376 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-11 20:39 - 2017-04-01 02:28 - 01520032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-11 20:39 - 2017-04-01 02:25 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 20:39 - 2017-04-01 02:25 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-11 20:39 - 2017-04-01 02:11 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-11 20:39 - 2017-04-01 02:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-11 20:39 - 2017-04-01 02:09 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-11 20:39 - 2017-04-01 02:08 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-11 20:39 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-11 20:39 - 2017-04-01 02:02 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-11 20:39 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-11 20:39 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-11 20:39 - 2017-04-01 01:59 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-11 20:39 - 2017-04-01 01:58 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-11 20:39 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-11 20:39 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-11 20:39 - 2017-04-01 01:55 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-11 20:39 - 2017-04-01 01:54 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-11 20:39 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-11 20:39 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-11 20:39 - 2017-03-31 23:01 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-10 15:31 - 2017-04-10 15:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-10 15:27 - 2017-04-10 15:27 - 00000020 ___SH C:\Users\mikelsoft\ntuser.ini
2017-04-09 23:18 - 2017-04-09 23:18 - 00286624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-09 23:18 - 2017-03-17 22:45 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-04-09 23:18 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-04-09 23:18 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-04-09 23:17 - 2017-04-09 23:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-09 23:17 - 2017-04-09 22:35 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-09 23:15 - 2017-04-19 21:44 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\Program Files\MSBuild
2017-04-09 23:15 - 2017-04-09 23:15 - 00000000 ____D C:\inetpub
2017-04-09 23:14 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-09 23:14 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-09 23:14 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-09 22:56 - 2017-04-09 23:01 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2017-04-09 22:56 - 2017-04-09 23:01 - 00019053 _____ C:\WINDOWS\diagerr.xml
2017-04-09 22:49 - 2017-04-30 12:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-09 22:35 - 2017-04-09 22:35 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-09 22:34 - 2017-04-09 22:34 - 00000000 ____D C:\ProgramData\USOShared
2017-04-09 22:31 - 2017-04-09 22:31 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-04-09 22:30 - 2017-04-09 22:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-09 22:25 - 2017-04-30 12:48 - 02987684 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-09 22:25 - 2017-04-26 19:39 - 00000000 ____D C:\Users\mikelsoft
2017-04-09 22:25 - 2017-04-20 16:04 - 00000000 ____D C:\ProgramData\AMD
2017-04-09 22:25 - 2017-04-12 00:00 - 00000000 ____D C:\Users\Acronis Agent User
2017-04-09 22:25 - 2017-04-09 22:47 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-09 22:25 - 2017-04-09 22:40 - 00000000 ____D C:\Users\fhem
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\mikelsoft\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\fhem\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Vorlagen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Startmenü
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Netzwerkumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Lokale Einstellungen
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Eigene Dateien
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Druckumgebung
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Videos
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Musik
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Documents\Eigene Bilder
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Local\Verlauf
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\AppData\Local\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 _SHDL C:\Users\Acronis Agent User\Anwendungsdaten
2017-04-09 22:25 - 2017-04-09 22:25 - 00000000 ____D C:\Program Files\ATI Technologies
2017-04-09 22:24 - 2017-04-25 11:04 - 00000000 ____D C:\Program Files\AMD
2017-04-09 22:24 - 2017-04-20 16:08 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-04-09 22:24 - 2017-04-09 22:24 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-04-09 22:23 - 2017-04-30 12:43 - 00232264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-09 22:23 - 2017-04-30 12:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-09 20:51 - 2017-04-10 15:28 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-07 19:38 - 2017-04-30 13:01 - 00000000 ____D C:\FRST
2017-04-07 17:37 - 2017-04-22 20:42 - 00161216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00096704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00073664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-07 17:36 - 2017-04-22 20:42 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-07 17:35 - 2017-04-12 20:59 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-04-07 17:35 - 2017-04-09 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-07 17:35 - 2017-04-07 17:35 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-07 17:35 - 2017-04-07 17:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-07 17:27 - 2017-04-07 17:27 - 00000000 ____D C:\Program Files\McAfee
2017-04-07 17:26 - 2017-04-29 10:47 - 01768448 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2017-04-07 17:15 - 2017-04-09 20:51 - 00000036 _____ C:\WINDOWS\progress.ini
2017-04-07 16:39 - 2017-04-10 15:27 - 00000000 ___HD C:\$GetCurrent
2017-04-07 16:39 - 2017-04-10 15:27 - 00000000 ____D C:\Windows10Upgrade
2017-04-07 16:39 - 2017-04-09 19:20 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-04-07 16:39 - 2017-04-09 19:20 - 00000719 _____ C:\Users\mikelsoft\Desktop\Windows 10-Upgrade-Assistent.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 12:48 - 2017-03-19 10:57 - 01379364 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-30 12:48 - 2017-03-19 10:57 - 00335434 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-30 12:43 - 2017-03-18 08:02 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-30 12:43 - 2014-03-26 13:28 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-30 12:43 - 2013-03-23 13:05 - 00000000 ____D C:\Program Files\BubbleUPnP Server
2017-04-30 12:43 - 2011-12-25 19:00 - 00000000 ____D C:\Temp
2017-04-30 12:21 - 2017-03-18 20:21 - 00000000 ____D C:\WINDOWS\INF
2017-04-29 13:18 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-29 12:25 - 2011-12-30 19:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\deluge
2017-04-28 22:15 - 2016-11-21 14:53 - 00000000 ____D C:\Users\mikelsoft\AppData\LocalLow\Mozilla
2017-04-28 16:18 - 2015-01-23 17:23 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-28 16:18 - 2015-01-23 17:23 - 00002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-27 18:49 - 2011-12-25 21:01 - 00000000 ____D C:\Program Files\TeamViewer
2017-04-27 17:14 - 2013-09-14 19:56 - 00000000 ____D C:\AdwCleaner
2017-04-27 17:14 - 2012-12-11 15:20 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-27 17:09 - 2008-05-30 23:09 - 00731136 _____ C:\Users\mikelsoft\Desktop\avenger.exe
2017-04-27 14:56 - 2017-03-18 20:23 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-26 20:20 - 2014-12-23 17:06 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Kodi
2017-04-26 17:21 - 2011-12-25 18:47 - 01172701 ____N C:\WINDOWS\Minidump\042617-17609-01.dmp
2017-04-26 17:10 - 2013-04-10 16:08 - 00000625 _____ C:\Users\mikelsoft\advancedsettings.xml
2017-04-26 16:56 - 2014-12-23 17:03 - 00000000 ____D C:\Program Files\Kodi
2017-04-26 14:54 - 2014-02-15 21:27 - 00000600 _____ C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2017-04-26 03:55 - 2017-03-18 20:14 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-25 11:00 - 2012-01-26 13:31 - 00000000 ____D C:\AMD
2017-04-23 22:50 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-23 17:32 - 2015-10-20 18:48 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP
2017-04-23 14:22 - 2016-09-24 01:43 - 00016400 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-04-22 20:55 - 2011-12-25 18:47 - 01168077 ____N C:\WINDOWS\Minidump\042217-24156-01.dmp
2017-04-22 20:49 - 2011-12-25 18:47 - 01167565 ____N C:\WINDOWS\Minidump\042217-21046-01.dmp
2017-04-22 20:42 - 2011-12-25 18:47 - 01170765 ____N C:\WINDOWS\Minidump\042217-24000-01.dmp
2017-04-22 20:10 - 2014-12-23 17:14 - 00005398 _____ C:\Users\mikelsoft\sources.xml
2017-04-22 17:55 - 2016-05-29 16:16 - 00001462 _____ C:\Users\Public\Desktop\Wampserver32.lnk
2017-04-22 17:52 - 2016-05-29 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver32
2017-04-20 19:11 - 2013-06-04 20:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-20 17:28 - 2016-08-30 19:31 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\PlaysTV
2017-04-20 17:28 - 2015-08-02 22:14 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Raptr
2017-04-20 17:26 - 2011-12-25 20:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\AMD
2017-04-20 16:51 - 2009-10-14 21:00 - 00000000 ____D C:\my download
2017-04-20 16:09 - 2011-12-25 22:43 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-04-20 00:32 - 2015-02-19 22:59 - 00000058 _____ C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-04-20 00:31 - 2011-12-25 21:29 - 00000000 ____D C:\Program Files\ScreenshotCaptor
2017-04-19 21:10 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Common Files\Acronis
2017-04-19 21:09 - 2013-08-31 11:13 - 00828248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2017-04-19 21:09 - 2013-08-31 11:13 - 00139096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2017-04-19 21:09 - 2011-12-25 22:52 - 00271704 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2017-04-19 21:08 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Acronis
2017-04-19 19:27 - 2011-12-30 22:48 - 00000000 ____D C:\Users\mikelsoft\Documents\CyberLink
2017-04-19 01:13 - 2013-06-30 13:32 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\CyberLink
2017-04-19 01:12 - 2014-10-07 18:26 - 00000000 ____D C:\Program Files\NSIS Uninstall Information
2017-04-19 01:12 - 2013-06-30 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2017-04-19 01:07 - 2013-06-30 13:28 - 00000000 ____D C:\Program Files\CyberLink
2017-04-19 01:06 - 2014-10-07 18:19 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-04-19 01:06 - 2011-12-25 22:46 - 00000000 ____D C:\ProgramData\install_clap
2017-04-18 19:10 - 2011-12-25 20:59 - 00000000 ____D C:\ProgramData\Temp
2017-04-16 08:33 - 2016-08-11 07:09 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2017-04-16 08:33 - 2016-08-11 07:09 - 00000986 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2017-04-16 01:04 - 2016-11-20 04:42 - 00000000 _____ C:\ProgramData\CLDShowX.ini
2017-04-15 13:00 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-15 12:32 - 2011-12-25 18:47 - 00257199 ____N C:\WINDOWS\Minidump\041517-20968-01.dmp
2017-04-13 18:04 - 2013-07-21 14:27 - 00000000 ____D C:\Program Files\DVBViewer
2017-04-13 18:02 - 2017-03-16 23:28 - 00001934 _____ C:\Users\Public\Desktop\DVBViewer.lnk
2017-04-13 18:02 - 2011-12-30 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer
2017-04-13 15:58 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\rescache
2017-04-11 23:16 - 2013-07-13 13:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-11 20:52 - 2013-07-13 13:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-11 20:41 - 2013-07-13 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-11 20:41 - 2011-12-25 19:12 - 145733648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 19:59 - 2016-09-24 02:04 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\ConnectedDevicesPlatform
2017-04-11 19:08 - 2012-08-24 22:20 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\ElevatedDiagnostics
2017-04-11 17:35 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-11 15:38 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-10 15:47 - 2015-08-02 21:20 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\Packages
2017-04-10 15:36 - 2015-08-02 21:27 - 00002441 _____ C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-10 15:36 - 2015-08-02 21:27 - 00000000 ___RD C:\Users\mikelsoft\OneDrive
2017-04-10 15:28 - 2017-03-18 20:23 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-10 15:28 - 2015-08-02 21:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-09 23:22 - 2017-03-18 20:23 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-09 23:19 - 2017-03-18 20:25 - 00000000 ____D C:\WINDOWS\Setup
2017-04-09 23:18 - 2017-03-19 10:58 - 00000000 ____D C:\WINDOWS\OCR
2017-04-09 23:15 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-09 23:15 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-04-09 23:15 - 2017-03-18 20:20 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpsnap.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntwin.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntagnt.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hostmib.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lmmib2.dll
2017-04-09 23:15 - 2017-03-18 20:20 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntcmd.exe
2017-04-09 23:15 - 2017-03-18 20:20 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpmib.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-04-09 23:15 - 2017-03-18 20:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-04-09 23:15 - 2017-03-18 20:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplayx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-04-09 23:15 - 2017-03-18 20:18 - 00107882 _____ C:\WINDOWS\system32\mib_ii.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00048593 _____ C:\WINDOWS\system32\hostmib.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpwsockx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-04-09 23:15 - 2017-03-18 20:18 - 00034317 _____ C:\WINDOWS\system32\msiprip2.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00030448 _____ C:\WINDOWS\system32\mcastmib.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00026236 _____ C:\WINDOWS\system32\wins.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00026100 _____ C:\WINDOWS\system32\lmmib2.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpmodemx.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00022462 _____ C:\WINDOWS\system32\rfc2571.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00021271 _____ C:\WINDOWS\system32\http.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplaysvr.exe
2017-04-09 23:15 - 2017-03-18 20:18 - 00015799 _____ C:\WINDOWS\system32\ipforwd.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00015032 _____ C:\WINDOWS\system32\authserv.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00014032 _____ C:\WINDOWS\system32\accserv.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00013767 _____ C:\WINDOWS\system32\msipbtp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-04-09 23:15 - 2017-03-18 20:18 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00006179 _____ C:\WINDOWS\system32\ftp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-04-09 23:15 - 2017-03-18 20:18 - 00004597 _____ C:\WINDOWS\system32\dhcp.mib
2017-04-09 23:15 - 2017-03-18 20:18 - 00004411 _____ C:\WINDOWS\system32\smi.mib
2017-04-09 23:02 - 2017-03-18 20:23 - 00000000 ____D C:\Program Files\Windows NT
2017-04-09 23:01 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-09 23:01 - 2017-03-18 08:02 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-09 22:55 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\Registration
2017-04-09 22:54 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-09 22:49 - 2015-08-02 21:18 - 00021628 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-09 22:48 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\Media
2017-04-09 22:47 - 2017-03-18 20:23 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-09 22:36 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-09 22:35 - 2017-03-20 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2017-04-09 22:35 - 2017-03-20 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2017-04-09 22:35 - 2017-03-16 23:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDAPI_Plus
2017-04-09 22:35 - 2017-03-02 01:25 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2017-04-09 22:35 - 2017-02-17 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-04-09 22:35 - 2016-10-06 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-09 22:35 - 2016-09-24 01:43 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-04-09 22:35 - 2016-05-06 00:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-BE
2017-04-09 22:35 - 2016-04-26 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-09 22:35 - 2016-04-11 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BubbleUPnP Server
2017-04-09 22:35 - 2016-04-11 17:49 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sichbo Interactive
2017-04-09 22:35 - 2016-02-07 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-09 22:35 - 2015-10-20 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-04-09 22:35 - 2015-08-10 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-04-09 22:35 - 2015-08-06 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
2017-04-09 22:35 - 2015-08-06 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2017-04-09 22:35 - 2015-08-02 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-04-09 22:35 - 2015-05-20 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YoutubeDLG
2017-04-09 22:35 - 2015-05-04 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2017-04-09 22:35 - 2015-05-03 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2017-04-09 22:35 - 2015-03-31 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-04-09 22:35 - 2015-03-30 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayClaw 5
2017-04-09 22:35 - 2015-03-30 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmbiBox
2017-04-09 22:35 - 2015-03-24 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2017-04-09 22:35 - 2015-03-19 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-04-09 22:35 - 2015-03-13 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-09 22:35 - 2015-01-23 17:27 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-04-09 22:35 - 2014-12-15 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2017-04-09 22:35 - 2014-10-30 21:52 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2017-04-09 22:35 - 2014-10-07 18:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2017-04-09 22:35 - 2014-05-09 18:15 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2017-04-09 22:35 - 2014-02-14 01:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2017-04-09 22:35 - 2014-01-08 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prismatik
2017-04-09 22:35 - 2013-11-29 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webcam 7
2017-04-09 22:35 - 2012-07-31 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2017-04-09 22:35 - 2012-02-12 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-09 22:35 - 2012-01-05 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2017-04-09 22:35 - 2011-12-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2017-04-09 22:35 - 2011-12-25 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Netzwerk
2017-04-09 22:35 - 2011-12-25 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Appz
2017-04-09 22:34 - 2017-03-18 20:23 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-09 22:34 - 2017-03-18 20:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\system32\IME
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\System
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\schemas
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-09 22:31 - 2017-03-18 20:23 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-09 22:31 - 2016-10-06 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2017-04-09 22:31 - 2016-04-26 19:04 - 00000000 ____D C:\WINDOWS\system32\Adobe
2017-04-09 22:31 - 2015-08-06 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2017-04-09 22:31 - 2015-06-02 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-09 22:31 - 2015-05-04 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-04-09 22:31 - 2014-12-17 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2017-04-09 22:31 - 2014-02-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-04-09 22:31 - 2013-09-15 15:52 - 00000000 ____D C:\WINDOWS\system32\oodag
2017-04-09 22:31 - 2013-07-01 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2017-04-09 22:31 - 2011-12-25 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Brennen
2017-04-09 22:31 - 2011-12-25 21:10 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-04-09 22:31 - 2011-12-25 21:09 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-04-09 22:27 - 2017-03-15 23:50 - 00000000 ____D C:\Users\fhem\AppData\Local\Packages
2017-04-09 22:24 - 2017-03-18 08:02 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-08 20:19 - 2011-12-25 19:01 - 00430248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-07 20:11 - 2016-07-20 17:08 - 00000000 ____D C:\Program Files\Yahoo!
2017-04-07 19:54 - 2013-05-17 17:11 - 00000000 ____D C:\Program Files\AIMP3
2017-04-07 17:48 - 2012-12-11 17:56 - 00000000 ____D C:\Program Files\stinger
2017-04-07 17:35 - 2014-03-26 13:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-03 18:56 - 2017-03-18 20:25 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 20:25 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-08 21:20 - 2014-01-08 21:20 - 17067056 _____ (Sytexis Software                                            ) C:\Program Files\playclaw5.3045.exe
2014-04-06 13:06 - 2015-01-29 22:03 - 0000000 _____ () C:\Users\mikelsoft\AppData\Roaming\FoxitReaderUpdateInfo.txt
2016-07-05 18:50 - 2016-07-05 18:50 - 3172883 _____ () C:\Users\mikelsoft\AppData\Roaming\sb125.dat
2016-07-22 13:39 - 2016-07-22 13:39 - 2842131 _____ () C:\Users\mikelsoft\AppData\Roaming\sb250.dat
2016-08-31 18:43 - 2016-08-31 18:43 - 2433555 _____ () C:\Users\mikelsoft\AppData\Roaming\sb390.dat
2016-08-16 14:51 - 2016-08-16 14:51 - 2658836 _____ () C:\Users\mikelsoft\AppData\Roaming\sb546.dat
2016-07-22 13:39 - 2016-07-22 13:39 - 0352256 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup49278.exe
2016-08-16 14:51 - 2016-08-16 14:51 - 0337920 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup53579.exe
2016-08-31 18:43 - 2016-08-31 18:43 - 0220672 _____ () C:\Users\mikelsoft\AppData\Roaming\Setup67515.exe
2014-10-24 00:27 - 2016-09-30 00:27 - 0000330 _____ () C:\Users\mikelsoft\AppData\Roaming\WB.CFG
2014-02-15 21:27 - 2017-04-26 14:54 - 0000600 _____ () C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
2012-01-11 00:14 - 2015-05-04 15:39 - 0034304 _____ () C:\Users\mikelsoft\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-19 22:59 - 2017-04-20 00:32 - 0000058 _____ () C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2012-12-11 18:06 - 2012-12-11 18:06 - 0000001 _____ () C:\Users\mikelsoft\AppData\Local\llftool.4.25.agreement
2017-04-20 00:45 - 2017-04-20 00:45 - 0000218 _____ () C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-07-01 14:39 - 2016-04-25 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-11-20 04:42 - 2017-04-16 01:04 - 0000000 _____ () C:\ProgramData\CLDShowX.ini
2013-07-21 14:23 - 2015-08-04 00:02 - 23086499 _____ () C:\ProgramData\CMUV.7z
2017-04-20 16:06 - 2017-04-20 16:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-20 18:39 - 2017-02-20 18:39 - 0000000 _____ () C:\ProgramData\osd.log

Einige Dateien in TEMP:
====================
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\mikelsoft\AppData\Local\Temp\gkey.exe
2015-03-02 14:25 - 2015-03-02 14:25 - 0027648 _____ () C:\Users\mikelsoft\AppData\Local\Temp\pkeyui.exe
2017-04-30 12:24 - 2017-04-30 12:24 - 0043520 ____N () C:\Users\mikelsoft\AppData\Local\Temp\proxy_vole1994424247533358548.dll
2017-04-20 17:26 - 2017-04-20 17:27 - 59432328 _____ () C:\Users\mikelsoft\AppData\Local\Temp\raptrpatch.exe
2017-04-20 17:26 - 2017-04-20 17:26 - 0221632 _____ () C:\Users\mikelsoft\AppData\Local\Temp\raptr_stub.exe
2015-03-01 19:09 - 2017-04-20 13:49 - 0048848 _____ () C:\Users\mikelsoft\AppData\Local\Temp\wabk.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG

LastRegBack: 2017-04-21 02:10

==================== Ende vom FRST.txt ============================
         

Alt 01.05.2017, 09:52   #15
inesa394
 

Addition, computer 2
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 27-04-2017
durchgeführt von mikelsoft (30-04-2017 13:02:11)
Gestartet von C:\Users\mikelsoft\Desktop
Microsoft Windows 10 Home Version 1703 (X86) (2017-04-10 13:27:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Acronis Agent User (S-1-5-21-2866739208-1381630699-1568876280-1005 - Limited - Enabled) => C:\Users\Acronis Agent User
Administrator (S-1-5-21-2866739208-1381630699-1568876280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2866739208-1381630699-1568876280-503 - Limited - Disabled)
fhem (S-1-5-21-2866739208-1381630699-1568876280-1038 - Limited - Enabled) => C:\Users\fhem
Gast (S-1-5-21-2866739208-1381630699-1568876280-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2866739208-1381630699-1568876280-1045 - Limited - Enabled)
inesa (S-1-5-21-2866739208-1381630699-1568876280-1040 - Limited - Disabled)
mikelsoft (S-1-5-21-2866739208-1381630699-1568876280-1001 - Administrator - Enabled) => C:\Users\mikelsoft

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKLM\...\uTorrent) (Version: 3.1.2 - )
7-Zip 15.09 beta (HKLM\...\7-Zip) (Version: 15.09 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acronis Disk Director 11 Advanced Bootable Media Builder (HKLM\...\{8EF18153-2F5C-4511-9C05-2BF39F5A241A}) (Version: 11.0.12077 - Acronis)
Acronis Disk Director 11 Advanced* Agent (HKLM\...\{53B91797-7CC8-41AA-999E-C33DAEC63A1A}) (Version: 11.0.12077 - Acronis)
Acronis Disk Director 11 Advanced*Management*Console (HKLM\...\{AFDDB79D-3FB6-4E82-832C-728F73FAC327}) (Version: 11.0.12077 - Acronis)
Acronis True Image (HKLM\...\{5AFD274C-A033-46BE-829A-464595F009FD}Visible) (Version: 21.0.6206 - Acronis)
Acronis True Image (Version: 21.0.6206 - Acronis) Hidden
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
AIMP (HKLM\...\AIMP) (Version: v4.13.1893, 06.04.2017 - AIMP DevTeam)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
Amazon Music (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AmbiBox (HKLM\...\{EBC9D10B-7560-4CA0-9492-8928CED133EA}_is1) (Version: 2.1.7 - AmbiBox)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.2.0.0 - SlySoft)
Arduino (HKLM\...\Arduino) (Version: 1.0.5 - Arduino LLC)
AutoHotkey 1.0.48.05 (HKLM\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{D6BCB0B1-9AC8-407B-B679-F925A01F2B2C}) (Version: 2.0.0.36 - Apple Inc.)
BubbleUPnP Server (HKLM\...\BubbleUPnP Server) (Version:  - )
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
chip 1-click download service (HKLM\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Civilization VI Digital Deluxe Edition MULTi2 1.0 (HKLM\...\Civilization VI Digital Deluxe Edition MULTi2 1.0) (Version:  - )
CMD Prompt Here as Administrator PowerToy for Windows Vista v1.0.2 (Uninstall only) (HKLM\...\CmdHereAsAdmin) (Version: 1.0.2 - )
CMD Prompt Here PowerToy v1.0.3 (Uninstall only) (HKLM\...\CmdHere) (Version: 1.0.3 - )
CyberLink PowerDVD 14 (HKLM\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1510.60 - CyberLink Corp.)
CyberLink PowerDVD 17 (HKLM\...\{D15BFD7F-6BBA-49A7-A6B1-14C00DCA6842}) (Version: 17.0.1201.60 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Deluge 1.3.6 (HKLM\...\Deluge) (Version:  - )
Digital Devices DVB Driver 2.6.5.142 (HKLM\...\{EB417B58-7814-475A-99A1-F17435380004}) (Version: 2.6.5.142 - Digital Devices GmbH)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version:  - )
Dungeon Keeper 2 (HKLM\...\Dungeon Keeper 2_is1) (Version:  - GOG.com)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 6.0.0 - CM&V)
DVBViewer Recording Service (HKLM\...\DVBViewer Recording Service_is1) (Version: 1.33.02.01 - CM&V)
Emby Server (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Emby Server) (Version: 3.2 - Emby Team)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FileHippo App Manager (HKLM\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.16.0 (HKLM\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
FileZilla Server (HKLM\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.3.321 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.29 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GTK2-Runtime (HKLM\...\GTK2-Runtime) (Version: 2.16.6-2010-05-12-ash - Alexander Shaduri)
HDD Regenerator (HKLM\...\{97A39919-9FEA-48B7-AB2B-4F99212D1E98}) (Version: 20.11.0011 - Abstradrome)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4508 - Intel Corporation)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\Kodi) (Version:  - XBMC-Foundation)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
Logitech Webcam-Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MDAPI_Plus (HKLM\...\MDAPI_Plus) (Version: 0.9.0.0 - Alexander Plyas)
Media Control  6.0.8 (HKLM\...\Media Control_is1) (Version:  - Damien Bain-Thouverez)
MediaInfo 0.7.92 (HKLM\...\MediaInfo) (Version: 0.7.92 - MediaArea.net)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{9CB185CC-EDD4-45C5-A4E1-29B766E7B189}) (Version: 2.3.2211 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
MKVcleaver (HKLM\...\{00A7BE0D-0E8C-4FC5-8889-98930366DC2C}) (Version: 6.0.2 - Ilia Bakhmoutski (sheck))
MKVToolNix 9.8.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.8.0 - Moritz Bunkus)
Mozilla Firefox 53.0 (x86 de) (HKLM\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
MPC-BE 1.5.1.2345 (HKLM\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.5.1.2345 - MPC-BE Team)
MPC-HC 1.7.10.28 (0115ec4) Nightly (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10.28 - MPC-HC Team)
MyHarmony (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MySQL Tools for 5.0 (HKLM\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
NAVIGON Fresh 3.5.1 (HKLM\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9 - Notepad++ Team)
OpenVPN 2.3.8-I601  (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayClaw 5 (HKLM\...\PlayClaw 5_is1) (Version: 5 - )
PlayClaw 5 fast codec (HKLM\...\PlayClaw 5 fast codec_is1) (Version: 5 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlaysTV (HKLM\...\PlaysTV) (Version: 1.19.0-r120634-release - Plays.tv, LLC)
Potplayer (HKLM\...\PotPlayer) (Version:  - Kakao Corp.)
Prismatik (remove only) (HKLM\...\{2175EE1B-0160-4862-9096-C522B1B99042}_is1) (Version: 5.9.6 - Pixelkit LLC)
PuTTY release 0.65 (HKLM\...\PuTTY_is1) (Version: 0.65 - Simon Tatham)
Python 2.7.13 (HKLM\...\{4A656C6C-D24A-473F-9747-3A8D00907A03}) (Version: 2.7.13150 - Python Software Foundation)
Raptr (HKLM\...\Raptr) (Version: 5.2.8-r120085-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Screenshot Captor 4.20.1 (HKLM\...\ScreenshotCaptor_is1) (Version:  - )
Shark007 ADVANCED Codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 7.3.1 - Shark007)
SichboPVR (HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\...\7c6b090ee13ed70a) (Version: 3.0.0.159 - Sichbo Interactive)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TeraCopy 3.0 alfa 3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TP-LINK PLC Utility (HKLM\...\{B0E80E49-FBC8-4A5B-B04C-222CBD95B2F6}) (Version: 2.1.2309 - TP-LINK)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.0 (HKLM\...\RealVNC_is1) (Version: 5.0.0 - RealVNC Ltd)
VNC Viewer 5.0.0 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.0 - RealVNC Ltd)
Wampserver32 3.0.6 (HKLM\...\{wampserver32}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
webcam 7 (HKLM\...\webcam 7) (Version: 1.2.0.0 - Moonware Studios)
Windows 10-Upgrade-Assistent (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.7.7 (HKLM\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XBMCCustomregis 2.80.01 (HKLM\...\XBMCCustomregis) (Version: 2.80.01 - Elitegamer360)
YoutubeDLG Version 0.3.7 (HKLM\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.3.7 - Sotiris Papadopoulos)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2866739208-1381630699-1568876280-1001_Classes\CLSID\{c200b111-2f40-4eb0-8187-c5553fc3df6f}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14006FF0-4225-4071-B7AE-C1084C64ACB6} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {1DA5A2AF-BB8E-436B-B95F-6CA45CFE41EE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {2CA96575-A54E-4D27-B3C7-F6037B2C009E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {31E5C949-1E29-4040-87CE-D09BFCEFEA79} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {33B784D7-32F4-4CDA-8CDC-A3A49CCCA078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3FC63559-0C10-4956-A445-EF493AA2A976} - \Microsoft\Windows\Setup\gwx\runappraiser -> Keine Datei <==== ACHTUNG
Task: {412035D4-F0B8-4E1C-A54B-53C09BFEA250} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {650E4F84-26C4-4D60-85C3-8C9A3B7BCA77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {6DEA71CC-1560-47A7-9E9F-E69B77B88F30} - System32\Tasks\CrystalDiskInfo => C:\systemtest\CrystalDiskInfo6_5_2\DiskInfo.exe [2015-06-14] (Crystal Dew World)
Task: {7CB57919-CBCE-474A-A296-2BF91DC2D4E2} - System32\Tasks\S-1-5-21-2866739208-1381630699-1568876280-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {8B85AFF4-293F-4812-B824-95F08AB243B6} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe 
Task: {A869F295-3A39-4546-A7DB-84B6DE672776} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C64D0B95-293A-429E-BEEE-1629179AADFD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {D46D9F9C-6EB3-4041-86F6-65F91AAF99EA} - System32\Tasks\{7BBE25DE-2E1E-4A56-8485-6F1A4F73D77E} => C:\Program Files\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe 
Task: {DB544697-B336-4D84-9F7B-0116A17317D1} - System32\Tasks\{156E78B4-2289-4815-B0F4-222EBBA0D664} => pcalua.exe -a C:\Users\mikelsoft\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=smt
Task: {DD654313-CDE6-4B42-A576-53E96248F099} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {E1D0E22A-29BE-47C7-A6FA-612A300EBD3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EBC84DDC-BDB9-4047-9EFD-B6C11B2197B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-11] (Microsoft Corporation)
Task: {EFECB985-9FD2-4157-B52B-42BE3A748F84} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Emby\Emby Server Dashboard.lnk -> hxxp://localhost:8096/web/dashboard.htm

ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Codebender App.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=magknjdfniglanojbpadmpjlglepnlko
ShortcutWithArgument: C:\Users\mikelsoft\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\efa07ab808c27a35\Google Chrome.lnk -> G:\MyDownloads\chrome32\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-06-22 10:47 - 2011-06-22 10:47 - 00024064 _____ () C:\WINDOWS\System32\ssp6ml3.dll
2017-03-05 11:18 - 2017-04-06 16:32 - 00019184 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll
2016-10-11 12:34 - 2016-10-11 12:34 - 02386352 _____ () C:\Program Files\Common Files\Acronis\ActiveProtection\xerces_c.dll
2016-08-29 21:16 - 2016-08-29 21:16 - 00685488 _____ () C:\Program Files\Common Files\Acronis\Home\sqlite3.dll
2016-10-12 19:14 - 2016-10-12 19:14 - 00277538 _____ () C:\Program Files\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2016-11-23 14:41 - 2016-11-23 14:41 - 00160168 _____ () C:\Program Files\Common Files\Acronis\Home\libevent.dll
2016-11-01 22:35 - 2016-11-01 22:35 - 00263592 _____ () C:\Program Files\Common Files\Acronis\Home\onig.dll
2014-07-24 10:49 - 2014-07-24 10:49 - 00420352 _____ () C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
2017-04-19 21:10 - 2017-04-19 21:10 - 06086232 _____ () C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
2017-04-08 14:59 - 2017-04-08 14:59 - 01060328 _____ () C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
2017-03-16 23:27 - 2013-04-12 14:23 - 00612664 _____ () C:\Program Files\DVBViewer\sqlite3.dll
2017-04-07 17:35 - 2017-04-12 20:59 - 01736992 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-08 15:47 - 2017-04-08 15:47 - 03638232 _____ () C:\Program Files\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2017-04-08 15:46 - 2017-04-08 15:46 - 01315464 _____ () C:\Program Files\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-04-08 15:45 - 2017-04-08 15:45 - 20914296 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers.dll
2017-04-08 14:58 - 2017-04-08 14:58 - 00397232 _____ () C:\Program Files\Common Files\Acronis\Home\resource.dll
2016-08-15 11:28 - 2016-08-15 11:28 - 00129968 _____ () C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll
2017-03-07 11:48 - 2017-03-07 11:48 - 00248240 _____ () C:\Program Files\Common Files\Acronis\Home\sync_agent_api.dll
2014-05-03 00:58 - 2014-05-03 00:58 - 00011776 _____ () C:\Program Files\No-IP\ducservice.exe
2014-05-03 00:55 - 2014-05-03 00:55 - 00071680 _____ () C:\Program Files\No-IP\ducapi.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00033280 _____ () C:\Program Files\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00103424 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32api.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00111616 _____ () C:\Program Files\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00041984 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32process.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00405504 _____ () C:\Program Files\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00173568 _____ () C:\Program Files\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01934336 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00077824 _____ () C:\Program Files\Raptr Inc\PlaysTV\sip.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01780736 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00505856 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 03812864 _____ () C:\Program Files\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-10-20 01:28 - 2016-10-20 01:28 - 01243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-07 11:57 - 2017-03-07 11:57 - 07014728 _____ () C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-29 23:57 - 2016-08-29 23:57 - 00444336 _____ () C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-08-29 21:16 - 2016-08-29 21:16 - 00115632 _____ () C:\Program Files\Common Files\Acronis\Home\expat.dll
2017-03-18 20:19 - 2017-03-18 20:19 - 00116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-02 11:41 - 2017-03-02 11:41 - 05245552 _____ () C:\Program Files\Acronis\TrueImageHome\tishell.dll
2016-02-29 12:25 - 2016-02-29 12:25 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-09-09 13:35 - 2015-04-21 21:55 - 02308608 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2016-02-21 23:38 - 2016-02-21 23:38 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-04-19 01:14 - 2016-11-16 03:10 - 00051712 _____ () C:\ProgramData\CyberLink\PowerDVD17\OpenWith\PDVD_Shell.dll
2017-03-18 20:19 - 2017-03-19 10:58 - 01456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 00067584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 06:57 - 2017-04-26 06:58 - 00162304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 30891008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 06:57 - 2017-04-26 06:58 - 01737216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\skypert.dll
2017-04-08 14:59 - 2017-04-08 14:59 - 00589104 _____ () C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2017-04-08 15:55 - 2017-04-08 15:55 - 05110240 _____ () C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-04-08 14:58 - 2017-04-08 14:58 - 07996848 _____ () C:\Program Files\Acronis\TrueImageHome\qt_resources.dll
2017-04-08 14:58 - 2017-04-08 14:58 - 00049584 _____ () C:\Program Files\Common Files\Acronis\Home\rpc_client.dll
2015-06-25 16:02 - 2015-06-25 16:02 - 00012288 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 00690176 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:02 - 2015-06-25 16:02 - 00012288 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 00057856 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:47 - 2015-06-25 15:47 - 00010240 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:46 - 2015-06-25 15:46 - 01601536 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-05-03 00:55 - 2014-05-03 00:55 - 00346624 _____ () C:\Program Files\No-IP\DUC40.exe
2009-09-25 20:57 - 2009-09-25 20:57 - 00245248 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL [5122]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-02-07 21:48 - 2017-04-19 21:20 - 00566820 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1  localhost
94.23.51.125 board.skynet
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
127.0.0.1 3dns.adobe.com 
127.0.0.1 3dns-1.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-4.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-1.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 adobe-dns-4.adobe.com 
127.0.0.1 adobe-dns-5.adobe.com 
127.0.0.1 hh-software.com 
127.0.0.1 www.hh-software.com 
127.0.0.1 ereg.adobe.de
127.0.0.1 activate.adobe.de 
127.0.0.1 practivate.adobe.de 
127.0.0.1 activate.wip3.adobe.de 

Da befinden sich 12436 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2866739208-1381630699-1568876280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "PlaysTV"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{C680C081-2410-43F8-829B-139F6FB7FD26}] => (Allow) C:\Program Files\DVBViewer\DVBVservice.exe
FirewallRules: [{A6CE6AF9-C281-4E87-9199-96B21CEE6E1B}] => (Allow) C:\Program Files\DVBViewer\DVBVservice.exe
FirewallRules: [{8026E338-4CF5-4638-9FB7-D9EFB0FBB897}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{210947E3-1270-4687-978A-80507BD9F3E1}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EF3B3C6B-D9F2-4181-AA81-7E54E5168A39}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{08AD3E95-DA01-4F3E-BE6E-69721CA8FB23}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [UDP Query User{ADB20143-2EE7-44FF-9696-64BF6530CBD5}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{CD0DF7ED-285D-4E8C-ABB9-320C8D8F692C}C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\mikelsoft\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{74BE6746-828C-42E2-BC2E-47B7B4B99868}G:\mydownloads\chrome32\chrome.exe] => (Block) G:\mydownloads\chrome32\chrome.exe
FirewallRules: [TCP Query User{1C9A4435-0A5E-4CBA-8CC8-FF93E41D67F0}G:\mydownloads\chrome32\chrome.exe] => (Block) G:\mydownloads\chrome32\chrome.exe
FirewallRules: [UDP Query User{4A262176-6AF6-41A2-A821-0590D7C28BAF}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{8FED74D7-0996-417B-A67E-8120179635CA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [{5E31B134-F0A1-4E30-A0DD-F9871BB552D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D0C8E4F5-4A08-4F99-A3C9-42AC902618C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{823B33EB-50AD-4560-B535-37E086579653}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{4A9AB71B-86CB-4815-8CA1-774B3213A1A7}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{5C60F8FD-ED2C-4924-A5A0-FD59739BD8BA}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{0CC9AF0E-7545-4D1B-967B-6CD2F3C6D0ED}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [UDP Query User{A73BB4A8-F0C7-42CE-96F1-CD960C910D1D}G:\download\hfs285.exe] => (Allow) G:\download\hfs285.exe
FirewallRules: [TCP Query User{30B9B641-87D8-4C08-B4E7-70E94F8690BA}G:\download\hfs285.exe] => (Allow) G:\download\hfs285.exe
FirewallRules: [{0D53E0DE-865F-4841-81C8-9A2858C8F9EA}] => (Allow) %SystemDrive%\Programme\DVBViewer\DVBVservice.exe
FirewallRules: [{ADF28217-4D1B-46E0-B6D7-9169C5E35662}] => (Allow) %SystemDrive%\Programme\DVBViewer\dvbviewer.exe
FirewallRules: [{435B440A-9DE4-4303-AD05-6DBCFACC91A8}] => (Allow) %SystemDrive%\Programme\DVBViewer\dvbviewer.exe
FirewallRules: [{4D1F9998-B17E-4385-8745-03817039F172}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2FEF067-6246-43E0-B9E9-71F8095A3B10}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{9D45A228-75D7-4A0D-AAFC-83E3BC72A703}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{7A423006-E67C-4C89-BB50-4A6282B2BED8}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{632C7F50-DE03-4B85-AC3F-5E6899E228FB}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{F2722436-2A3D-4B69-84DA-B96576A05EF2}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{5A2087CF-27B5-4F8D-B064-D93B41C6BB2D}] => (Allow) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
FirewallRules: [{694B6FDA-78FB-416E-ABBB-1DEB5BF64D4B}] => (Allow) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
FirewallRules: [TCP Query User{0BA91ADF-4E26-4465-8FB4-3F7DD76F5BF4}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [UDP Query User{D5F398AF-4EBA-4590-A1D8-EA4C7381589E}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [{78093FE6-AA9A-4364-AFBB-654D6984BAB0}] => (Allow) LPort=21
FirewallRules: [TCP Query User{B9AEF3FB-D2E7-48B8-9D9D-CAFF1590032B}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [UDP Query User{B64685AE-9D79-4AC7-A16D-79F483BD474E}G:\deluge\deluge.exe] => (Allow) G:\deluge\deluge.exe
FirewallRules: [{ED1F4936-BB16-42A2-901D-69FBF8B0CA06}] => (Allow) %SystemDrive%\Programme\Kodi\Kodi.exe
FirewallRules: [{FE19566B-3931-4C00-AF5D-89194436DFB4}] => (Allow) G:\torrentq\uTorrent.exe
FirewallRules: [{A4FF37CB-7660-4696-AD2A-5651A47A44AA}] => (Allow) G:\torrentq\uTorrent.exe
FirewallRules: [TCP Query User{50341A0B-6129-4238-A794-0F5947C9D58A}G:\deluge\deluged.exe] => (Allow) G:\deluge\deluged.exe
FirewallRules: [UDP Query User{A3DF94DE-42B8-4ABD-BA52-D2DC09AEB3F7}G:\deluge\deluged.exe] => (Allow) G:\deluge\deluged.exe
FirewallRules: [{31BFD31D-465F-4682-A337-9EDCE90622CB}] => (Allow) LPort=8089
FirewallRules: [{2DB55745-7047-4993-8034-31C3225EFB68}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{8EF39283-3B9F-4BB1-8A2C-F4F08F258FD5}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{38AABD1A-E9FD-4357-8B45-4CCCDABBBCAA}] => (Allow) LPort=34000
FirewallRules: [TCP Query User{21AB57A5-63D3-4485-A3CF-9148DE45C7F5}C:\program files\webcam 7\wlite.exe] => (Allow) C:\program files\webcam 7\wlite.exe
FirewallRules: [UDP Query User{D95B4384-DA54-4A81-9AFA-700795057F2C}C:\program files\webcam 7\wlite.exe] => (Allow) C:\program files\webcam 7\wlite.exe
FirewallRules: [{F2BAF6DD-3A62-4D87-AAED-B17D524E784C}] => (Block) %ProgramFiles%\HDD Regenerator\HDD Regenerator.exe
FirewallRules: [{EE7E3D0C-AB1C-415F-9808-48730973438E}] => (Block) %ProgramFiles%\HDD Regenerator\hddreg.exe
FirewallRules: [{FBA0286D-8149-4DAF-8A0E-BD8AA383F4C3}] => (Block) %ProgramFiles%\HDD Regenerator\Shell.exe
FirewallRules: [{49A9F8E4-D49B-4A6A-986F-DE3B65324F59}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DE247741-B76D-46BB-A016-F773E3DB587E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{79A5E3B0-25D0-4E3B-99BB-C970CCED3471}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5AAE740E-C3A7-4E0E-9029-B06FADCC80C7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{1B322716-0D63-49D4-9033-D3DF90628167}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{596C2785-8F07-497E-B920-34B9736D8CF7}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{EBC9DF68-9B3B-4BB9-B978-63A0F92F65A5}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{BBAAE3FD-88C6-45A8-92B5-F396AB9386D4}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{5949AC1A-77A4-4463-8C6D-A1A07CB598E4}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{B093CFAB-8298-49BF-A1DA-601A95826AF7}] => (Allow) C:\Program Files\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{E37D9D83-6D5A-48A6-9D65-A840CBEE57DD}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\Activate.exe
FirewallRules: [{6EF7E097-3F43-4F31-B8D4-18C6B13CFCBB}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe
FirewallRules: [{4381B70E-11E4-4D16-922D-833B468C5C21}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{C763C561-250F-4762-99A7-D1D77B7D278D}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{1D064B7A-08B3-43D8-9B8F-9C83E757097F}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6730A0EE-3C06-400B-988A-BEA4AE1F2BF9}] => (Block) %ProgramFiles%\CyberLink\PowerDVD12\OLRSubmission\OLRSubmission.exe
FirewallRules: [TCP Query User{1E8F15C2-9CFB-44A4-AA2C-12D91C4385C6}C:\program files\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\program files\ps3 media server\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9C302410-962E-4F39-B800-D30444C2F82E}C:\program files\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\program files\ps3 media server\jre\bin\javaw.exe
FirewallRules: [TCP Query User{97C19907-1283-43D3-A093-A967E2C64A91}G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe] => (Allow) G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe
FirewallRules: [UDP Query User{385C02C6-0462-4F20-9D7D-745FCC54E094}G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe] => (Allow) G:\mydownloads\oo.defrag.professional.v16.0.139.portable.preactivated\o&o defrag\local\stubexe\0x91e85def82427929\oodag.exe
FirewallRules: [TCP Query User{81AD0904-5734-4E11-8046-014AE582B297}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [UDP Query User{972ECDA5-1933-4831-91D3-A85E13CFD95B}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [{EA3D57DC-560E-47EC-91CC-FCE4A4E84261}] => (Allow) %SystemDrive%\Programme\DVBViewer\DVBVservice.exe
FirewallRules: [{1EFA9EBA-E40C-48A4-A41B-CBEE2739F748}] => (Allow) %ProgramFiles%\DVBViewer\dvbviewer.exe
FirewallRules: [TCP Query User{881BDB96-6810-4631-B605-7AAC7259E52D}G:\downloads\hfs285.exe] => (Allow) G:\downloads\hfs285.exe
FirewallRules: [TCP Query User{807DBE3E-D74B-438D-BC57-7A90BE909593}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{ED9C6457-EDB0-4702-8E6A-2A739CBB94B7}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{DD06B0D3-5610-40A6-AFD9-5D7D26A4B888}C:\program files\freesshd\freesshdservice.exe] => (Allow) C:\program files\freesshd\freesshdservice.exe
FirewallRules: [UDP Query User{A255CA19-88C9-449E-A874-5A0CB1995761}C:\program files\freesshd\freesshdservice.exe] => (Allow) C:\program files\freesshd\freesshdservice.exe
FirewallRules: [TCP Query User{94E4B885-537C-486A-8E10-C3B8F6C57CA2}C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5C23E2F7-E266-49E5-847B-8599FEFAA767}C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{8612FF47-5880-4177-9ED4-07A56EF44ADC}] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [TCP Query User{0AE48706-C87D-4EB0-A47E-32A1737A669A}G:\downloads\hfs285.exe] => (Allow) G:\downloads\hfs285.exe
FirewallRules: [{5E6CA01F-5E45-4804-940D-05AFB21EB48B}] => (Allow) C:\Program Files\webcam 7\wLite.exe
FirewallRules: [{49BB4D10-0B38-4943-B918-B8500BE07744}] => (Allow) C:\Program Files\webcam 7\wLite.exe
FirewallRules: [{3B1C783E-216B-4E4E-B543-C412E9ACE8AF}] => (Allow) C:\Program Files\webcam 7\wService.exe
FirewallRules: [{23B2F347-8747-46E5-8E08-133D19BE6937}] => (Allow) C:\Program Files\webcam 7\wService.exe
FirewallRules: [TCP Query User{311A14EB-0DFC-4D23-BDDB-C5D64D46CA36}C:\program files\dvbviewer\httpserver.exe] => (Allow) C:\program files\dvbviewer\httpserver.exe
FirewallRules: [UDP Query User{4BA8D9C1-C490-4F17-8D6C-1A47863C1E0A}C:\program files\dvbviewer\httpserver.exe] => (Allow) C:\program files\dvbviewer\httpserver.exe
FirewallRules: [TCP Query User{7B507B35-351B-4202-828F-C9F9FC707463}C:\program files\ambibox\ambibox.exe] => (Allow) C:\program files\ambibox\ambibox.exe
FirewallRules: [UDP Query User{23ED0DB2-9F07-48CA-8564-A69761DC19E8}C:\program files\ambibox\ambibox.exe] => (Allow) C:\program files\ambibox\ambibox.exe
FirewallRules: [TCP Query User{FEB968C3-E960-4EC3-92BF-80104F877085}C:\program files\prismatik\prismatik.exe] => (Allow) C:\program files\prismatik\prismatik.exe
FirewallRules: [UDP Query User{C7F04A6F-C89F-4D27-A224-AB0E756B139A}C:\program files\prismatik\prismatik.exe] => (Allow) C:\program files\prismatik\prismatik.exe
FirewallRules: [TCP Query User{745FCC82-A109-4B91-8574-B3211E87C6FF}G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe] => (Allow) G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe
FirewallRules: [UDP Query User{DC93C5DD-D829-4DCB-9F77-471289EB8800}G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe] => (Allow) G:\mydownloads\adalight\processing-2.1-windows32\processing-2.1\java\bin\java.exe
FirewallRules: [TCP Query User{AC4CC51E-CC28-45D1-8B45-D7395C9F8BAF}C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe] => (Allow) C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe
FirewallRules: [UDP Query User{098F08E5-B994-426C-AA9F-19C23C0DBBBD}C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe] => (Allow) C:\program files\dvbviewer\plugins\plugins1\acamdmonitor.exe
FirewallRules: [{FE07A888-900D-45BD-A1FB-90A0619F59F1}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{C1094119-D454-4DE8-A970-21EA9A7A6AFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{CFF3544B-4B5A-4A36-825C-8E16AD0701A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{10391ABB-FF24-4745-9C60-FFD273669436}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{741AF286-46CC-4AB3-86F3-2AB7B2FF879C}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{E6A4BE9B-4360-400A-8578-54AC300CAADD}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{597F33DB-59FD-4569-BFB9-D5277AB1A3E7}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{D39461C6-0556-44F3-98F8-11801A202632}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\PDVDLP.exe
FirewallRules: [{5320B598-A21F-45B5-B876-0CF3DEC465AE}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\Common\CLMPSvc.exe
FirewallRules: [{9292EEEB-E599-4441-8D0B-3FC7E79146DF}] => (Block) %ProgramFiles%\CyberLink\PowerDVD14\Common\CLMPInst.exe
FirewallRules: [TCP Query User{9CC3B6FE-85B6-4D94-8991-9E24DCCC5F55}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{420FF2FC-BE44-4701-A64A-AB387D06A84D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{745BA75F-E5E3-45E9-BDA3-0CB817420F63}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{39E998D4-03C0-4360-8812-20FAB95D3438}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{22FFE0BD-203C-4DE2-B610-40C435FE5B84}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{DDC9BA0F-05E9-48FE-8453-4D46638B0090}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{6CAA02E6-E967-483C-8084-DECB74629C98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CAB89BC7-171D-41FF-B62E-29BBD8C78E43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{22E3CE26-441C-4007-AB73-85741B4AE922}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FBD8EA7E-C5DA-4F13-A185-F1245EA0F112}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{05CF20C9-F211-457F-9C48-C04166DF0264}G:\mydownloads\madvr08721\madhcctrl.exe] => (Allow) G:\mydownloads\madvr08721\madhcctrl.exe
FirewallRules: [UDP Query User{12834DC3-613D-4537-86DC-846537FA7851}G:\mydownloads\madvr08721\madhcctrl.exe] => (Allow) G:\mydownloads\madvr08721\madhcctrl.exe
FirewallRules: [TCP Query User{36797835-AFA2-4009-980A-640735355F6E}C:\program files\media player classic - home cinema\mpc-hc.exe] => (Allow) C:\program files\media player classic - home cinema\mpc-hc.exe
FirewallRules: [UDP Query User{3EA85D57-4A1A-4F03-B289-8FB3E5053064}C:\program files\media player classic - home cinema\mpc-hc.exe] => (Allow) C:\program files\media player classic - home cinema\mpc-hc.exe
FirewallRules: [{0684B793-CBEB-47AD-AE72-5E0050A674AE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D5DAFAE4-9EF8-45E0-B262-A1B8288B8F6B}G:\download\hfs285.exe] => (Block) G:\download\hfs285.exe
FirewallRules: [UDP Query User{A1642A60-07E7-4C79-982F-137AD10635AE}G:\download\hfs285.exe] => (Block) G:\download\hfs285.exe
FirewallRules: [TCP Query User{6F515D59-37ED-44CE-9C19-AB28C791D1CF}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{DD1EE314-E1DA-4B02-A1D8-5142BFDA01D8}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe
FirewallRules: [{A763D636-BA9A-4D23-B635-54A595BFC8A9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D088E5B9-A653-4084-97E2-8EE5026F7214}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E27B43C7-8413-40BF-8AA7-4FCA6397E86F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ECE6F447-7A2E-4752-8096-1409612C34C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71F1E758-CB4C-4C52-A8F4-249D104ECF01}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{EE3E5D18-398A-4192-9EE7-5C3999E0DCDD}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{792DCC58-2FD0-49D1-A496-4BF6F8A0E9AA}] => (Allow) C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe
FirewallRules: [TCP Query User{96F9F5D0-814B-4311-BC57-B4F3C8277B35}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe
FirewallRules: [UDP Query User{8C4BA999-FA3A-4044-995D-79360630E443}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_e5eb66b3c4193511\sichbopvr.exe
FirewallRules: [TCP Query User{30E5FCFF-926C-422C-A124-15D0289FA0E5}C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [UDP Query User{49FE1622-2DE4-4C7C-9C52-886681AD133E}C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [{6D185FEC-2621-4F63-BB80-55EE896D7FF2}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{334E9490-F13E-4DB4-B970-72CCE84B8162}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [TCP Query User{F47B6828-AB85-4CF1-892F-850971392B96}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe
FirewallRules: [UDP Query User{B81308F7-AE53-4B7D-B9F6-9173EAFCD72E}C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe] => (Allow) C:\users\mikelsoft\appdata\local\apps\2.0\8xdly85b.wcz\t8jghpqe.d88\sich..tion_dd8fea481d87ab9c_0003.0000_aacaf54a1cc9ce11\sichbopvr.exe
FirewallRules: [{3BCD47E4-E34C-4F59-A177-68451821C478}] => (Allow) C:\Users\mikelsoft\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C07E2404-99BE-4301-95D8-F984A930BA4E}] => (Allow) C:\Program Files\DVBViewer\DVBViewer.exe
FirewallRules: [{6B6184EB-DE9F-4824-8D72-E0B4A07540E6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E3E2D83A-04F6-428D-AE6C-96E288F39C9F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{B3FDDFD5-B96A-44F3-A1ED-80DAB256EC4F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1898D70-3406-401D-9E66-464053C72877}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F0B07B8D-469E-4B6A-9BDB-96B0C892DA95}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\PowerDVD.exe
FirewallRules: [{674F598A-42A4-4431-8D3A-D42E4F7E38CE}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{42E1483C-EA2E-4861-A451-A577EDC7A879}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{F1C10B25-9083-4B5F-B98E-9C6E60A9F0A4}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{38085AD5-816A-47ED-915C-7E45B05708CA}] => (Allow) C:\Program Files\CyberLink\PowerDVD16\CastingStation.exe
FirewallRules: [{AEA786D2-DEAD-4408-83C8-66D6CC0D17F5}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\PowerDVD.exe
FirewallRules: [{CA13C7A1-1399-400F-A69E-1710B5B35BDF}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\Kernel\DMS\CLMSServerPDVD17.exe
FirewallRules: [{DE3591E3-D4A9-4F2B-A4B6-F215187E8F5D}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\PowerDVD17Agent.exe
FirewallRules: [{723DC905-0A69-4741-9086-8B1FF57A0C13}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\Movie\PowerDVDMovie.exe
FirewallRules: [{F11CB595-0B50-460E-AC88-91C1F7685EAF}] => (Allow) C:\Program Files\CyberLink\PowerDVD17\CastingStation.exe
FirewallRules: [{4A3D4B8B-4F9A-40D8-AB42-0B279FFD5DFF}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5191A864-FEC9-44D1-8FC2-2C9B6E0AEB27}] => (Allow) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{71C761CA-8192-429A-91FA-7B1CA4B95E59}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{E4F200D5-4D6F-477D-A3C6-61CED61B8378}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{D9669033-67BB-4372-808A-1B9512F0EC1B}] => (Allow) C:\Program Files\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{75D40257-A2FE-474A-97E0-3046EC2ED850}] => (Allow) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{77210919-71B1-4BD4-A738-B22BA9E40A0F}] => (Allow) C:\Program Files\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{C58F7464-25BD-480C-BA7C-EFCCF8FA21C0}] => (Allow) C:\Program Files\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{843ACD32-5C69-4E33-91D7-35CD52FF78AD}] => (Allow) C:\Program Files\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{6A680B61-EBF5-4BA6-ACA9-D3B21F333ADE}] => (Allow) C:\Program Files\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{7D44FFD1-FA59-46D3-9428-4BB0C3EBFAAA}] => (Allow) C:\Program Files\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{F5F7C004-4967-4A35-923C-96EC99AD9A90}] => (Allow) C:\Program Files\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{0E107AC9-2F15-45CE-B10B-DBF1FBA7CB21}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E07BC32-71C3-4EF0-8149-72F30F9F5712}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7ED503AE-EA14-45A2-A782-ED0E7D70F2AF}] => (Block) C:\Program Files\Acronis\TrueImageHome\license_activator.exe
FirewallRules: [{BE4946EF-B639-4D59-9C11-436F8AA030F8}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{69AF0E78-67E5-4A07-9E3A-CE98E30AEB28}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{95E4FFCC-92D8-46E4-BC05-84288E882C89}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8CFAFD67-5EF1-4784-83A8-192226C1491A}] => (Allow) C:\Program Files\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{32888E4F-AD96-41C7-B424-52E6D7415D2F}C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{82E68C9B-2B71-44EC-AA7B-CC075DC9B37C}C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [TCP Query User{C69ABCB9-0CD5-46FB-843A-DBC9C1294E13}C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe
FirewallRules: [UDP Query User{C76D7DC6-27DB-42C4-B84D-9AD86C3CF29C}C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe] => (Allow) C:\users\mikelsoft\appdata\roaming\emby-server\system\mediabrowser.serverapplication.exe
FirewallRules: [{D7535F5B-9264-4CF9-94B0-40975580A60C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/30/2017 12:21:52 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT-AUTORITÄT)
Description: Scheduler kann den Task nicht ausführen>"" mit GUID 'A2BB4F95-348C-4590-958E-DF518374D6D4'} wegen Fehler 267> (The directory name is invalid.)

Error: (04/30/2017 12:21:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname mikelsoft-PC.local already in use; will try mikelsoft-PC-2.local instead

Error: (04/30/2017 12:21:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 mikelsoft-PC.local. Addr 192.168.178.41

Error: (04/30/2017 12:21:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.41:5353   16 mikelsoft-PC.local. AAAA FD9E:C0A1:753D:0000:0000:0000:0000:0C96

Error: (04/30/2017 04:54:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\arduino\drivers\dpinst-amd64.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 04:54:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\systeminfo.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 04:54:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\mms.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 04:54:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\TrueImage.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 04:54:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\RecoveryExpert.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 04:54:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\acronis\bootablecomponents\winpe\files\DiskDirectorAdvancedService.exe".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (04/30/2017 12:48:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 12:48:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 12:43:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 12:43:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 12:43:44 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "DMS" ist von folgendem Dienst abhängig: ProtectedStorage. Dieser Dienst ist möglicherweise nicht installiert.

Error: (04/30/2017 12:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (04/30/2017 12:43:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (04/30/2017 12:43:44 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/30/2017 12:43:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (04/30/2017 12:43:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BubbleUPnP Server" wurde mit folgendem Fehler beendet: 
Das System kann einem Verzeichnis auf dem gleichen Laufwerk kein Laufwerk mit JOIN oder SUBST zuordnen.


CodeIntegrity:
===================================
  Date: 2017-04-30 12:50:40.723
  Description: N/A

  Date: 2017-04-30 12:50:40.721
  Description: N/A

  Date: 2017-04-30 12:50:21.998
  Description: N/A

  Date: 2017-04-30 12:50:21.997
  Description: N/A

  Date: 2017-04-30 12:49:50.770
  Description: N/A

  Date: 2017-04-30 12:49:50.769
  Description: N/A

  Date: 2017-04-30 12:49:49.519
  Description: N/A

  Date: 2017-04-30 12:49:49.518
  Description: N/A

  Date: 2017-04-30 12:44:14.675
  Description: N/A

  Date: 2017-04-30 12:44:14.674
  Description: N/A


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8156.15 MB
Verfügbarer physikalischer RAM: 6244.24 MB
Summe virtueller Speicher: 9116.15 MB
Verfügbarer virtueller Speicher: 7076.34 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:110.81 GB) (Free:42.27 GB) NTFS
Drive d: (Volume) (Fixed) (Total:7451.91 GB) (Free:3964.86 GB) NTFS
Drive g: (Volume) (Fixed) (Total:2794.39 GB) (Free:378.96 GB) NTFS
Drive i: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7EF8E762)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: BBE15D11)

Partition: GPT.

========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: B6DE571E)

Partition: GPT.

==================== Ende vom Addition.txt ============================
         
I'll post computer 2 here tomorrow.
