Trojaner-Board - MBAM findet Bedrohung in SysWOW64/smart.dll

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - MBAM findet Bedrohung in SysWOW64/smart.dll (https://www.trojaner-board.de/176172-mbam-findet-bedrohung-syswow64-smart-dll.html)

MBAM findet Bedrohung in SysWOW64/smart.dll

Hallo, beim heutigen Check mit MBAM kam die Meldung das die Datei smart.dll im Ordner SysWOW64 gefährlich sei (roter Punkt). Habe Win7 64-bit Home Professional. Scanne gerade mit Eset Online Scanner. Dauert aber noch. Sypbot Search und Destroy hat nichts gefunden. Ein Log File von Hiijackthis hätte ich noch anzubieten. Wer kann mir helfen, damit ich herausfinde ob die Datei smart.dll wirklich gefährlich ist. Danke vorab.

Ohne Logs kann dir das keine sagen. Spybot ist totaler Murks und spielt schon längst keine Rolle mehr, hau es weg.

Hier eine LOG Datei

HiJackthis Logfile:

Code:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 14:28:54, on 19.02.2016

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.18205)
 

FIREFOX: 44.0.2 (x86 de)

Boot mode: Normal
 

Running processes:

C:\Program Files (x86)\PDF24\pdf24.exe

C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe

E:\Software\HijackThis.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://10.0.0.138/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll

O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - hxxp://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\Bricscad V11\BrxProtIE.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sophos Virus Removal Tool (SophosVirusRemovalTool) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 

--

End of file - 9384 bytes

--- --- ---

Du sprichst von Funden mit Malwarebytes. Die Logs will ich sehen. Nix Hijackthis.

Hier vom Malwarebytes
Alles gefundene ist in Quarantäne bis auf den Eintrag unter Syswow64 / smart.dll
Diesen traue ich mich auch nicht löschen da er im Ordner Syswow64 ist

Danke vorab

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 20.02.2016
Suchlaufzeit: 17:39
Protokolldatei: Malware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.20.02
Rootkit-Datenbank: v2016.02.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 358922
Abgelaufene Zeit: 18 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.PCMechanic, HKU\S-1-5-21-2609884232-144836243-1937340655-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\4A5A7DB8_0, , [26ccd38fdbbed462a380a8b1a2627c84],

Registrierungswerte: 1
PUP.Optional.PCMechanic, HKU\S-1-5-21-2609884232-144836243-1937340655-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\4a5a7db8_0, {0.0.0.00000000}.{db84b364-3394-4021-b280-1b192a672b21}|\Device\HarddiskVolume2\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe%b{00000000-0000-0000-0000-000000000000}, , [26ccd38fdbbed462a380a8b1a2627c84]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.AmazonTB, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\jetpack\abb@amazon.com, , [f3ff402236637fb7587c3097bc469b65],
PUP.Optional.AmazonTB, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\jetpack\abb@amazon.com\simple-storage, , [f3ff402236637fb7587c3097bc469b65],

Dateien: 26
RiskWare.Tool.CK, C:\ProgramData\Comodo\Cis\Quarantine\data\{11DCF9E0-A71A-4F2C-BD9B-011BBC1E0BFB}, , [42b0adb56c2dee4872e98b9403ff827e],
PUP.Optional.OpenCandy, C:\ProgramData\Comodo\Cis\Quarantine\data\{27C0F155-E368-439B-BB69-5910E033E978}, , [8d652f33bbde1d19817fc1445ea730d0],
PUP.Optional.IBryte, C:\ProgramData\Comodo\Cis\Quarantine\data\{42FCA58A-2C08-4536-8831-16D8B70DE6DC}, , [d51d243e9efb0e28654e91a5c73ae719],
RiskWare.Tool.CK, C:\ProgramData\Comodo\Cis\Quarantine\data\{4F332D4A-6201-49C0-BB74-6A44BAD412B3}, , [d81a8bd7cccd4ee867f4d44bb34f17e9],
PUP.Optional.OpenCandy, C:\ProgramData\Comodo\Cis\Quarantine\data\{53339A7D-05A4-4D3D-B916-800B243D35FA}, , [72807fe38d0cf6407a86b84dd82def11],
RiskWare.Tool.HCK, C:\ProgramData\Comodo\Cis\Quarantine\data\{7D1B549F-7EC8-44F6-99BC-8AD0B856C76D}, , [c032c1a1cecbb482b2c99e6a13ef58a8],
Trojan.Dropper.NS, C:\ProgramData\Comodo\Cis\Quarantine\data\{960C0475-3233-486A-8D9B-5D6FFAC90F0E}, , [4aa8a7bbecade254e96f168938cca35d],
RiskWare.Tool.HCK, C:\ProgramData\Comodo\Cis\Quarantine\data\{9701FD0E-DAFD-420D-A140-4CD7EF459928}, , [e111342e2c6dfb3b2d740700a75ae41c],
PUP.Optional.RelevantKnowledge, C:\ProgramData\Comodo\Cis\Quarantine\data\{9F370F54-FBD0-4E9C-B982-912F541821EC}, , [e80a42209cfd5dd9ef21f40435cf7c84],
PUP.Optional.Delta.ShrtCln, C:\ProgramData\Comodo\Cis\Quarantine\data\{A34D707F-25D5-470A-B493-FB64B6A22A0C}, , [5e9476ec6138f73fbee2ced4e719b24e],
PUP.Optional.RelevantKnowledge, C:\ProgramData\Comodo\Cis\Quarantine\data\{AB7938AD-CE19-4AC4-A5D8-C74E3302652D}, , [14de382ad7c2f73f719f44b42fd5dc24],
PUP.Optional.IBryte, C:\ProgramData\Comodo\Cis\Quarantine\data\{AC318615-D6F0-41BB-83F0-04A6D0393338}, , [40b2a5bd1e7b0432f0c3191d6e9327d9],
Adware.Bundler, C:\ProgramData\Comodo\Cis\Quarantine\data\{ACD864EC-9467-47FD-9252-7C515D1FF7A4}, , [747ef1712376f14525549fe203fd29d7],
PUP.Optional.OpenCandy, C:\ProgramData\Comodo\Cis\Quarantine\data\{BD3F91B5-D82A-48D4-9D5B-45FA593DCEAF}, , [d12167fb2e6b2016a7599d687e8757a9],
PUP.Optional.IBryte, C:\ProgramData\Comodo\Cis\Quarantine\data\{C9E3F8CA-934A-40D8-8E46-107F963CF7D7}, , [549e5b0776233df9a013280e9b6640c0],
PUP.Optional.RelevantKnowledge, C:\ProgramData\Comodo\Cis\Quarantine\data\{D148A231-077D-4650-B761-06B68C07D34E}, , [db17b9a9a5f4043261b62dd242c22ed2],
PUP.Optional.OpenCandy, C:\ProgramData\Comodo\Cis\Quarantine\data\{D20055F5-95A1-4D37-824E-EE40C9AF5BBD}, , [b83afe648019e65023dde520a65f669a],
PUP.Optional.OpenCandy, C:\ProgramData\Comodo\Cis\Quarantine\data\{DE78FBF9-9AF3-4C1E-8416-5A2BEBB9E54C}, , [d31fc49ea0f953e346ba39cc8f76b54b],
Trojan.Agent.Generic, C:\ProgramData\Comodo\Cis\Quarantine\data\{E2675BA4-0944-4920-8CEA-9A43954E030E}, , [49a91e447c1d86b061b092d328d9df21],
Trojan.Agent.Generic, C:\ProgramData\Comodo\Cis\Quarantine\data\{E35C5B41-8191-4D1B-9986-66B8E030482A}, , [0be7bea42b6eed49d1401b4af40d6997],
Adware.Bundler, C:\ProgramData\Comodo\Cis\Quarantine\data\{F8D8307B-3938-4E44-8A3F-DB0B87CC26F4}, , [eb077ee46237af876f0aed9457a9dc24],
PUP.Optional.Ilivid, C:\ProgramData\Comodo\Cis\Quarantine\data\{FA8410F4-47F3-456C-9653-1D7EA097B171}, , [bc36045ec0d970c6feb611cc699722de],
PUP.Optional.PCMechanic, C:\Users\User\AppData\Roaming\RHEng\0099B3CB3E214CBF94774CD76A2AC02D\pcmechanicpmROE_p1v4.exe, , [5e948ed40d8c96a051b4f338ba477c84],
Trojan.Agent, C:\Windows\SysWOW64\Smart.dll, , [35bde37f23762c0a37f767e63fc4669a],
PUP.Optional.AmazonTB, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\abb@amazon.com.xpi, , [fef4a9b94e4b42f44d278d49e22107f9],
PUP.Optional.AmazonTB, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\jetpack\abb@amazon.com\simple-storage\store.json, , [f3ff402236637fb7587c3097bc469b65],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016

durchgeführt von User (Administrator) auf PETROS (20-02-2016 22:29:33)

Gestartet von E:\Software

Geladene Profile: User (Verfügbare Profile: User)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe

() C:\Program Files (x86)\UseNeXT\UseNeXT.exe

(Bricsys) C:\Program Files (x86)\Bricsys\Bricscad V11\bricscad.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543912 2011-11-08] (Realtek Semiconductor)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-07] (COMODO)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-30] (Geek Software GmbH)

HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [1711984 2016-02-19] (McAfee Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: D - D:\autorun.exe

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: I - I:\StorioSetup.exe

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: {8e7e4dff-bad3-11e2-9d5b-c86000582d03} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Start.hta

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: {ab6d489d-8c11-11e4-91d4-c86000582d03} - G:\StorioSetup.exe

BootExecute: autocheck autochk *  sdnclean64.exe
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

Tcpip\..\Interfaces\{0E2A9454-C15D-4F19-B459-E6D79B5B5EE4}: [DhcpNameServer] 10.0.0.138 10.0.0.138
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://10.0.0.138/

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-02-19] (IObit)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-02-03] (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-03] (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

Handler-x32: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\Bricscad V11\BrxProtIE.dll [2009-11-24] (BricsCad)
 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809

FF Homepage: hxxp://10.0.0.138/

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()

FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)

FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-11-19] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-11-19] (RealPlayer)

FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2609884232-144836243-1937340655-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2609884232-144836243-1937340655-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\User\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-11-19] (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-11-19] (RealPlayer)

FF Extension: Fasterfox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-06-06]

FF Extension: Microsoft .NET Framework Assistant - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-06-06]

FF Extension: Garmin Communicator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-06]

FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\info@convert2mp3.net.xpi [2015-06-06]

FF Extension: Classic Theme Restorer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-02-18]

FF Extension: Amazon Assistant for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\abb@amazon.com.xpi [2016-02-10]

FF Extension: Gutscheinsammler.de - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\alarm@gutscheinsammler.de.xpi [2015-06-06]

FF Extension: MEGA - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\firefox@mega.co.nz.xpi [2016-02-18]

FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]

FF Extension: FT DeepDark - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2016-02-02]

FF Extension: Gutscheinaffe - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-06-06]

FF Extension: Download Statusbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-06-06]

FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-19] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zdxwfxsw.default\extensions\cliqz@cliqz.com => nicht gefunden

FF HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-23] [ist nicht signiert]
 

Chrome: 

=======

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-10-11]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [70352 2012-11-01] (Comodo Security Solutions Inc.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-08] (COMODO)

R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-07] (COMODO)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-20] (devolo AG)

S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake) [Datei ist nicht signiert]

S4 GeekBuddyRSP; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [1467088 2012-10-31] (Comodo Security Solutions, Inc.)

R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-09] (SurfRight B.V.)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-02-19] (IObit)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2016-02-20] (Malwarebytes)

S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [Datei ist nicht signiert]

S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware) [Datei ist nicht signiert]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2016-02-19] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2016-02-19] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2016-02-19] (Safer-Networking Ltd.)

S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-04] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-04] (Secunia)

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2015-02-27] (Sophos Limited)

S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)

S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)

R2 Themes; C:\Windows\system32\themeservice.dll [44544 2012-08-10] (Microsoft Corporation) [Datei ist nicht signiert]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-07-07] (Cyberlink Co.,Ltd.)

R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [372720 2009-07-07] (CyberLink Corporation.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-11-18] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-11-18] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)

R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)

R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-14] (Glarysoft Ltd)

R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [93144 2014-04-09] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-05-19] (REALiX(tm))

R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2016-02-20] (Malwarebytes)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2016-02-20] (Malwarebytes Corporation)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-20] (CACE Technologies)

S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-04] (Secunia)

S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-11-22] (Windows (R) Win 7 DDK provider)

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-11-03] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-11-03] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-11-03] ()

S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)

U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-02-20 22:29 - 2016-02-20 22:29 - 00000000 ____D C:\FRST

2016-02-20 17:37 - 2016-02-20 17:38 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-02-20 17:37 - 2016-02-20 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-02-19 23:57 - 2016-02-20 00:08 - 00000000 ____D C:\Program Files\stinger

2016-02-19 23:57 - 2016-02-19 23:57 - 00000000 ____D C:\Program Files\McAfee

2016-02-19 14:26 - 2016-02-19 14:26 - 00000000 ____D C:\Users\User\AppData\Roaming\ProductData

2016-02-19 14:25 - 2016-02-20 17:37 - 00002898 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_User

2016-02-19 14:25 - 2016-02-19 14:25 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk

2016-02-19 14:25 - 2016-02-19 14:25 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk

2016-02-19 14:25 - 2016-02-19 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2016-02-19 13:54 - 2016-02-19 13:53 - 00451075 ____R C:\Windows\system32\Drivers\etc\hosts.20160219-135406.backup

2016-02-19 12:47 - 2016-02-19 12:47 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2016-02-19 12:47 - 2016-02-19 12:47 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2016-02-19 12:47 - 2016-02-19 12:47 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2016-02-19 12:47 - 2016-02-19 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2016-02-19 12:44 - 2016-02-19 12:44 - 00275064 _____ C:\Windows\Minidump\021916-46987-01.dmp

2016-02-19 12:08 - 2016-02-19 12:56 - 00000000 ____D C:\Users\User\AppData\Roaming\QuickScan

2016-02-14 12:17 - 2016-02-14 12:17 - 00000000 ____D C:\Users\User\Desktop\CTR_v1.8.4

2016-02-14 12:10 - 2016-02-16 23:32 - 00000000 ____D C:\Users\User\Desktop\3dsexplorer_v1.5.3

2016-02-13 17:03 - 2016-02-13 17:03 - 00002086 _____ C:\Users\Public\Desktop\SDFormatter.lnk

2016-02-13 17:03 - 2016-02-13 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter

2016-02-13 17:03 - 2016-02-13 17:03 - 00000000 ____D C:\Program Files (x86)\SDA

2016-02-09 21:18 - 2016-02-09 21:18 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-02-09 21:18 - 2016-02-09 21:18 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2016-02-09 21:18 - 2016-02-09 21:18 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2016-02-09 21:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-02-09 21:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2016-02-09 21:17 - 2016-02-09 21:17 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-02-09 21:17 - 2016-02-09 21:17 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2016-02-09 21:17 - 2016-02-09 21:17 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2016-02-09 21:17 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-02-09 21:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2016-02-09 21:15 - 2016-02-09 21:15 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-02-09 21:15 - 2016-02-09 21:15 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-02-09 21:15 - 2016-02-09 21:15 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2016-02-09 21:15 - 2016-02-09 21:15 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2016-02-08 23:35 - 2016-02-11 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-02-05 13:24 - 2016-02-05 13:24 - 00439608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll

2016-02-05 13:09 - 2016-02-05 13:09 - 00849360 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll

2016-02-04 18:45 - 2016-02-20 17:33 - 00003236 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler

2016-02-04 18:45 - 2016-02-04 18:48 - 00002166 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk

2016-02-04 18:45 - 2016-02-04 18:45 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled

2016-02-04 18:45 - 2016-02-04 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3

2016-02-04 18:34 - 2016-02-04 18:34 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

2016-02-03 22:43 - 2016-02-03 22:43 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2016-02-03 22:43 - 2016-02-03 22:37 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL

2016-02-02 19:31 - 2016-02-02 19:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll

2016-02-02 19:31 - 2016-02-02 19:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll

2016-02-02 13:45 - 2016-02-04 18:34 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys

2016-01-31 12:54 - 2016-01-31 12:55 - 00003817 _____ C:\Users\User\AppData\LocalLow\lpm.dat

2016-01-31 12:54 - 2016-01-31 12:54 - 00003640 _____ C:\Windows\System32\Tasks\DivXUpdate

2016-01-29 17:57 - 2016-02-07 12:25 - 00000000 ____D C:\Users\User\Desktop\Tor Browser

2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Users\User\Doctor Web

2016-01-22 18:59 - 2016-01-22 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2016-01-22 18:58 - 2016-01-22 18:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++

2016-01-22 18:58 - 2016-01-22 18:59 - 00000000 ____D C:\Program Files (x86)\Notepad++
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-02-20 22:28 - 2014-04-04 20:49 - 00198554 _____ C:\Windows\system32\Drivers\fvstore.dat

2016-02-20 22:28 - 2012-08-09 23:21 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat

2016-02-20 21:38 - 2012-08-22 17:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-20 20:57 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-02-20 20:57 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-20 20:20 - 2012-08-09 22:52 - 00000000 ____D C:\Users\User\AppData\Roaming\UseNeXT

2016-02-20 17:37 - 2014-05-27 19:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-02-20 17:33 - 2015-08-01 18:19 - 00002868 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)

2016-02-20 17:30 - 2014-09-07 21:28 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 5.job

2016-02-20 17:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-20 17:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf

2016-02-19 23:50 - 2013-12-11 18:57 - 00000000 ____D C:\AdwCleaner

2016-02-19 14:26 - 2015-08-01 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit

2016-02-19 14:26 - 2015-08-01 18:19 - 00000000 ____D C:\ProgramData\ProductData

2016-02-19 14:25 - 2015-08-01 18:19 - 00000000 ____D C:\Program Files (x86)\IObit

2016-02-19 12:51 - 2012-11-21 23:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2016-02-19 12:47 - 2012-08-11 15:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2016-02-19 12:44 - 2015-09-11 12:07 - 797614784 _____ C:\Windows\MEMORY.DMP

2016-02-19 12:44 - 2012-08-22 23:32 - 00000000 ____D C:\Windows\Minidump

2016-02-18 18:04 - 2011-04-12 08:43 - 00792788 _____ C:\Windows\system32\perfh007.dat

2016-02-18 18:04 - 2011-04-12 08:43 - 00202956 _____ C:\Windows\system32\perfc007.dat

2016-02-18 18:04 - 2009-07-14 06:13 - 01769774 _____ C:\Windows\system32\PerfStringBackup.INI

2016-02-17 20:07 - 2012-08-09 22:52 - 00000000 ____D C:\Users\User\Documents\UseNeXT

2016-02-17 18:54 - 2016-01-08 17:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2016-02-17 18:54 - 2012-08-09 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-02-16 16:38 - 2015-04-14 19:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-02-13 17:02 - 2013-05-13 16:34 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations

2016-02-11 21:15 - 2014-08-20 18:57 - 00000000 ____D C:\Users\User\AppData\Local\Adobe

2016-02-11 21:15 - 2012-08-22 17:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-02-11 21:15 - 2012-08-09 22:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-02-11 21:15 - 2012-08-09 22:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-02-10 08:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

2016-02-10 07:45 - 2009-07-14 05:45 - 00703568 _____ C:\Windows\system32\FNTCACHE.DAT

2016-02-10 07:42 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal

2016-02-09 22:24 - 2013-07-15 22:22 - 00000000 ____D C:\Windows\system32\MRT

2016-02-09 22:20 - 2012-05-07 12:36 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2016-02-05 13:02 - 2015-08-07 11:08 - 00617536 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll

2016-02-03 22:43 - 2015-10-22 18:11 - 00000000 ____D C:\Users\User\.oracle_jre_usage

2016-02-03 22:43 - 2013-09-16 20:48 - 00000000 ____D C:\ProgramData\Oracle

2016-02-03 22:43 - 2013-09-16 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-03 22:42 - 2014-03-20 20:17 - 00000000 ____D C:\Program Files (x86)\Java

2016-02-03 22:40 - 2014-03-20 20:14 - 00000000 ____D C:\Program Files\Java

2016-02-03 22:37 - 2015-11-20 18:54 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2016-02-03 19:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

2016-02-02 19:34 - 2012-05-07 12:02 - 01743118 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2016-01-31 12:54 - 2013-12-19 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2016-01-31 12:54 - 2012-08-10 14:18 - 00000000 ____D C:\Program Files (x86)\DivX

2016-01-31 12:54 - 2012-08-10 14:17 - 00000000 ____D C:\ProgramData\DivX

2016-01-31 12:53 - 2012-08-10 14:19 - 00000000 ____D C:\Users\User\AppData\Roaming\DivX

2016-01-25 19:54 - 2014-10-15 20:49 - 00000000 ____D C:\ProgramData\Package Cache

2016-01-22 11:57 - 2012-08-17 13:35 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-04-05 22:42 - 2015-04-05 22:42 - 0010918 _____ () C:\Program Files (x86)\hijackthis.log

2012-08-12 08:52 - 2012-08-12 08:52 - 0388608 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis204.exe

2012-08-10 19:33 - 2013-08-05 21:37 - 0000713 _____ () C:\Users\User\AppData\Roaming\burnaware.ini

2013-01-06 16:18 - 2013-01-06 16:26 - 13152256 _____ () C:\Users\User\AppData\Roaming\Sandra.mdb

2012-09-03 18:04 - 2016-01-05 14:21 - 0001057 _____ () C:\Users\User\AppData\Roaming\vso_ts_preview.xml

2012-09-11 16:25 - 2014-01-17 12:47 - 0000678 _____ () C:\Users\User\AppData\Local\cookies.ini

2013-04-08 20:11 - 2013-04-08 20:11 - 0000041 ___SH () C:\ProgramData\.zreglib
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\User\DirSync.bat
 
 

Einige Dateien in TEMP:

====================

C:\Users\User\AppData\Local\Temp\DivXSetup.exe

C:\Users\User\AppData\Local\Temp\Quarantine.exe

C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-02-18 09:09
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-02-2016

durchgeführt von User (2016-02-20 22:31:14)

Gestartet von E:\Software

Windows 7 Home Premium Service Pack 1 (X64) (2012-08-07 12:11:16)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2609884232-144836243-1937340655-500 - Administrator - Disabled)

Gast (S-1-5-21-2609884232-144836243-1937340655-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2609884232-144836243-1937340655-1003 - Limited - Enabled)

User (S-1-5-21-2609884232-144836243-1937340655-1000 - Administrator - Enabled) => C:\Users\User
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}

AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)

Amazon Cloud Drive (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\23ab716f18849b6f) (Version: 2.0.2013.841 - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

AMD Catalyst Install Manager (HKLM\...\{EEB732AC-544D-09BD-7BEF-56ED6D198AB2}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)

Bricscad 11.1 (HKLM-x32\...\{BF5FF0FA-8A62-4FFC-A395-8EEE18ED84DB}) (Version: 11.1.14 - Bricsys)

Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN000000) (Version:  - )

BurnAware Free 5.1 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)

CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)

CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)

Clarke Tech Editor Studio 3.21 (HKLM-x32\...\Clarke Tech Editor Studio_is1) (Version: 3.21 - )

Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)

CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)

Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack)

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 15.0 - COMODO)

COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)

ConvertXtoDVD 4.1.12.352 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.12.352 - )

CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )

CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)

CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.5509 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3121a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)

CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2006a - CyberLink Corp.)

CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228 - CyberLink Corp.)

CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2028 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)

D-Fend Reloaded 1.4.2 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.2 - Alexander Herzog)

DirSync UNICODE  2.93 (HKLM-x32\...\DirSync) (Version:  - Stephen Kalisch)

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)

dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden

DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)

Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)

DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)

DVDFab 8.1.9.0 (06/07/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)

Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)

FreeFileSync 7.3 (HKLM-x32\...\FreeFileSync) (Version: 7.3 - www.FreeFileSync.org)

Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)

Garmin POI Loader (HKLM-x32\...\{5CA74EDC-CFC3-4FA0-AED7-1415CA19F250}) (Version: 2.7.2 - Garmin Ltd or its subsidiaries)

Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)

GeekBuddy (HKLM-x32\...\{E21161DD-05A2-42ED-A0EC-9C1393F51A64}) (Version: 4.2.39 - Comodo Security Solutions Inc)

Glary Utilities 5.19 (HKLM-x32\...\Glary Utilities 5) (Version: 5.19.0.32 - Glarysoft Ltd)

HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)

HolmeZ (HKLM-x32\...\{06363132-E00C-48D6-A904-AC1B7B177793}) (Version: 1.3.0.759 - HolmeZ SoftSolutions Pte. Ltd.)

HWiNFO32 Version 4.62 (HKLM-x32\...\HWiNFO32_is1) (Version: 4.62 - Martin Malík - REALiX)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.5.126 - IObit)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)

Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)

Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 3.13.6.260 - KC Softwares)

LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)

Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)

Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)

MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.9 - Notepad++ Team)

OpenDCL Runtime (HKLM-x32\...\{E0DEBD92-9FFB-4AFB-BB89-7270974C991F}) (Version: 7.0.0006 - OpenDCL Consortium)

Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)

PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)

PDF24 Creator 7.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

POIbase 1.061 (HKLM-x32\...\POIbase_is1) (Version:  - POIbase)

QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )

RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden

Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)

Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)

SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)

SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)

Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)

SiSoftware Sandra Lite 2013.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.23.2013.1 - SiSoftware)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)

tiptoi® Manager 3.0.7 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.7 - Ravensburger AG)

Unity Web Player (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\UnityWebPlayer) (Version: 5.1.0f3 - Unity Technologies ApS)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)

VBA (2627.01) (x32 Version: 6.03.00.9188 - Microsoft Corporation) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden

VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)

VTech Software Installer Version 20151224 (HKLM-x32\...\{798BB333-99C2-4164-A473-D4B5C0DB4E01}_is1) (Version: 20151224 - )

WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)

Windows Aero (Tahoma Font) (HKLM\...\Windows Aero (Tahoma Font)_is1) (Version:  - Eric G.)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

Zahlenbuch 3 (HKLM-x32\...\Zahlenbuch 3) (Version:  - )

Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {02042E52-7F45-4296-8CE8-1B6B9D27D609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)

Task: {07109C19-93CB-45E4-B762-26F42EF9A750} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-01-31] (DivX, LLC)

Task: {103332F6-1D64-417A-B68D-27AD21E176A0} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {2E1449B9-B60C-4833-9BAC-E34BD59A347F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {50254C7F-8723-45EA-8B39-38D6AF7EE388} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {5EA23C0D-D73E-44B6-A1F3-0C97360AE6CE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2609884232-144836243-1937340655-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {5F9D9EEC-FD76-4A54-8204-1600C1C08674} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

Task: {79D3CE87-1655-4075-8553-7CD7D76E97E6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2609884232-144836243-1937340655-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {79FE34D1-5C43-4A52-A2BE-1FD200BCBF9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {7DBE5985-58AB-4B5C-8601-8362BBF88473} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-01-12] (Adobe Systems Incorporated)

Task: {9B6B1D0D-0A55-4CB8-A59B-93AE7D28DAAF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-02-14] (Glarysoft Ltd)

Task: {9D630954-A4C0-415A-9305-F2FC965D4B6C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {B4B2E000-3826-4208-A075-F1FB07C7CC57} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-02-04] (IObit)

Task: {B62D4E37-DE7F-4F68-8506-5DF05B7626F4} - System32\Tasks\{E303911E-F7A7-4210-B29F-2C4BCE4F74F6} => pcalua.exe -a I:\StorioSetup.exe -d I:\

Task: {C0A016FE-D3CA-4EFF-A583-2FFC0A02B69B} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-02-19] (IObit)

Task: {C50F6062-ECD6-47D2-A46D-B53BACA3DFEA} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)

Task: {D3348319-238F-4626-A71F-90A4F9AAA57E} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {D4D42E4F-A5BD-43CD-BBE9-3A45519BB5AA} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {DFA35058-E7A9-4D0D-89D2-BF7603A31F96} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-02-14] (Glarysoft Ltd)

Task: {F671E852-7D47-4E94-89E9-0AFE5320B528} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-02-04] (IObit)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2012-08-10 16:24 - 2009-11-05 06:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll

2012-08-10 16:01 - 2006-12-19 18:03 - 00046640 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\resex64.dll

2011-07-28 16:44 - 2011-07-28 16:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-07-28 16:55 - 2011-07-28 16:55 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-12-19 17:59 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

2013-03-30 10:45 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files (x86)\UseNeXT\UseNeXT.exe

2016-02-19 12:47 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2016-02-19 12:47 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2016-02-19 12:47 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2016-02-19 12:47 - 2016-02-19 12:47 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2016-02-19 12:47 - 2016-02-19 12:47 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2012-08-31 20:13 - 2015-08-30 21:02 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll

2012-08-31 20:13 - 2015-08-30 21:02 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll

2012-08-10 16:13 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2016-02-19 14:25 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl

2016-02-19 14:25 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl

2016-02-19 14:25 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

2016-01-08 17:57 - 2016-02-17 18:33 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll

2016-01-08 17:57 - 2016-02-17 18:33 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

2016-02-11 21:15 - 2016-02-11 21:15 - 17891008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

2012-08-10 21:39 - 2010-11-13 11:05 - 00266240 _____ () C:\Program Files (x86)\Bricsys\Bricscad V11\testrunner80uLegacy.dll

2012-08-10 21:39 - 2010-11-13 11:05 - 00069632 _____ () C:\Program Files (x86)\Bricsys\Bricscad V11\zlib.dll

2012-08-10 21:39 - 2010-11-13 11:05 - 04304896 _____ () C:\Program Files (x86)\Bricsys\Bricscad V11\commands.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Windows:0B2A40BB4D06387A

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftbusui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftcserco.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftd2xx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\FTLang.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftserui2.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msvcp110.dll:$CmdZnID

AlternateDataStreams: C:\Windows\system32\msvcr110.dll:$CmdZnID

AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RtNicProp64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RTNUninst64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sdnclean64.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Vim.RWBlock.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vimbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vimsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\CMDLGIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\COMDLG32.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devolopacket.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devolopcap.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ftd2xx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSCAL.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSCMCIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Mscomctl.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSINET.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMASK32.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMSKIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msvcp140.dll:$CmdZnID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Smart.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\SQLite3VB.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Vantage.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\VB6IT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ZLibWAPI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\zmbv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ftdibus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ftser2k.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\psi_mf_amd64.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\Rtlh64.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadbus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadcmnt.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdfl.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdm.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadserd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadwhnt.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\UimBus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\UimFIO.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\uim_devim.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\uim_im.sys:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Drivers\npf_devolo.sys:$CmdTcID
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 

Da befinden sich 7872 mehr Seiten.
 

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123simsen.com -> www.123simsen.com
 

Da befinden sich 7872 mehr Seiten.
 
 

==================== Hosts Inhalt: ==========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2009-07-14 03:34 - 2016-02-19 13:54 - 00451075 ____R C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com

127.0.0.1        www.0scan.com

127.0.0.1        0scan.com

127.0.0.1        www.1000gratisproben.com

127.0.0.1        1000gratisproben.com

127.0.0.1        1001namen.com

127.0.0.1        www.1001namen.com

127.0.0.1        100888290cs.com

127.0.0.1        www.100888290cs.com

127.0.0.1        www.100sexlinks.com

127.0.0.1        100sexlinks.com

127.0.0.1        www.10sek.com

127.0.0.1        10sek.com

127.0.0.1        www.1-2005-search.com

127.0.0.1        1-2005-search.com

127.0.0.1        www.123fporn.info

127.0.0.1        123fporn.info

127.0.0.1        123haustiereundmehr.com

127.0.0.1        www.123haustiereundmehr.com

127.0.0.1        123moviedownload.com

127.0.0.1        www.123moviedownload.com
 

Da befinden sich 15471 zusätzliche Einträge.
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 10.0.0.138

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist deaktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: Freemake Improver => 2

MSCONFIG\Services: GeekBuddyRSP => 2

MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2

MSCONFIG\Services: RichVideo => 2

MSCONFIG\Services: SandraAgentSrv => 3

MSCONFIG\Services: SDScannerService => 2

MSCONFIG\Services: SDUpdateService => 2

MSCONFIG\Services: SDWSCService => 2

MSCONFIG\Services: Secunia PSI Agent => 3

MSCONFIG\Services: Secunia Update Agent => 2

MSCONFIG\Services: ServiceLayer => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: SophosVirusRemovalTool => 3

MSCONFIG\Services: ST2012_Svc => 2

MSCONFIG\Services: TeamViewer => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Cloud Drive.lnk => C:\Windows\pss\Amazon Cloud Drive.lnk.Startup

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\Windows\pss\Persbackup.lnk.Startup

MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

MSCONFIG\startupreg: adm_tray.exe => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: AgentMonitor => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\User\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

MSCONFIG\startupreg: BrowserChoice => "C:\Windows\System32\browserchoice.exe" /run

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s

MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe

MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun

MSCONFIG\startupreg: InstantBurn => C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe

MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

MSCONFIG\startupreg: Viber => "C:\Users\User\AppData\Local\Viber\Viber.exe" StartMinimized
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{17BDECFA-FD1B-4A31-A02F-7B2D28218DA7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{550236F4-DE96-44D5-816E-AFDECE19C15C}] => (Allow) LPort=2869

FirewallRules: [{FF860A2D-3081-4C35-8B94-347F72DE97A1}] => (Allow) LPort=1900

FirewallRules: [{5A74865E-8ED1-4C25-B751-E013620970FF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{C7283B86-8AC5-4F07-9209-7C0B61D57A65}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{77D1A2DA-6E41-4806-A194-9BC6941A891F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE

FirewallRules: [{51F7E175-44B4-459A-90AB-992AEABC21F5}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

FirewallRules: [{886416AE-2DED-4184-8948-3E3F2BBAEB97}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

FirewallRules: [{86FADBFF-8492-4146-99DB-B99B932D13BE}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe

FirewallRules: [{06B518C8-1A4B-4B9C-8F0B-F5EDCEA4C9CA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{314A0D8C-91F3-4551-A4B1-F8357E979217}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{542A7092-E444-4263-BD36-2E4CE549E8F9}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

FirewallRules: [{8329F1A0-3422-44D0-A76E-D8A7913EBE30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

FirewallRules: [{90A2E05D-D0AD-4723-BE70-0D931D854876}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

FirewallRules: [{F2CD9A7F-97B1-406C-8BCF-03C88C2832CE}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

FirewallRules: [{7463C39E-BF6B-448B-A621-93A5F8E6C0FD}] => (Allow) C:\Users\User\AppData\Local\Viber\Viber.exe

FirewallRules: [{9771BD04-EC1C-4288-BB95-4D33C33B961C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3B8618D2-2A00-4F2D-9EF7-7A6894ED10F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{08C8AE22-0025-43EE-9C0F-A6883A7F1E40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{453221A6-0A0D-4998-83B8-2A0E89C0A693}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{867C9E5A-64A8-419C-B9BA-591D1E989D54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{AC98667C-2EE5-4EE6-98BE-FD9D87074B7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{2A7EE8B2-0D4B-46E4-BAF9-521B47D602F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{C3273065-A5C8-4D16-BF5F-CF0FBBFB9D44}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{8CF97821-A3AF-416B-893B-DB83FF2E6A44}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{6D853A11-728B-43F9-B59C-90ABCC0BA666}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\RpcSandraSrv.exe

FirewallRules: [{97B23E44-9B39-4E63-B233-7756B31F299F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{1A367D12-322B-4B19-9CEE-388AAA2008CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 

==================== Wiederherstellungspunkte =========================
 

09-02-2016 21:09:45 Windows Update

09-02-2016 22:11:56 Windows Update

13-02-2016 17:03:04 Installed SDFormatter.

16-02-2016 08:36:45 Windows Update

19-02-2016 11:55:13 Windows Update
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (02/20/2016 05:29:57 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/20/2016 05:01:43 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/20/2016 09:21:18 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/19/2016 11:54:54 PM) (Source: MsiInstaller) (EventID: 11606) (User: PETROS)

Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
 

Error: (02/19/2016 11:54:53 PM) (Source: MsiInstaller) (EventID: 11606) (User: PETROS)

Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
 

Error: (02/19/2016 11:41:33 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (02/19/2016 10:37:21 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/19/2016 10:34:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: d58
 

Startzeit: 01d16b0d07e82034
 

Endzeit: 60000
 

Anwendungspfad: C:\Windows\Explorer.EXE
 

Berichts-ID: 51f142b1-d750-11e5-9363-c86000582d03
 

Error: (02/19/2016 02:40:07 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (02/19/2016 02:40:03 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
 

Systemfehler:

=============

Error: (02/20/2016 05:29:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/20/2016 05:29:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%193
 

Error: (02/20/2016 05:29:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%193
 

Error: (02/20/2016 05:29:36 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎20.‎02.‎2016 um 17:27:29 unerwartet heruntergefahren.
 

Error: (02/20/2016 05:26:46 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 

Error: (02/20/2016 05:01:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/20/2016 10:47:56 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 

Error: (02/20/2016 09:21:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/20/2016 12:51:25 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 

Error: (02/19/2016 10:37:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 
 

CodeIntegrity:

===================================

  Date: 2016-02-20 18:19:52.321

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-20 17:45:03.304

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 23:08:09.104

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 22:58:12.371

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 22:44:00.858

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 13:53:19.534

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 12:39:57.866

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 12:11:01.968

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-18 17:50:03.560

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-18 17:30:28.876

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: AMD A8-3870 APU with Radeon(tm) HD Graphics

Prozentuale Nutzung des RAM: 45%

Installierter physikalischer RAM: 7657.34 MB

Verfügbarer physikalischer RAM: 4204.77 MB

Summe virtueller Speicher: 15312.88 MB

Verfügbarer virtueller Speicher: 11112.27 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:465.66 GB) (Free:385.99 GB) NTFS

Drive e: (HOPPY LABEL) (Fixed) (Total:931.51 GB) (Free:203.76 GB) NTFS

Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:330.7 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E40D0D72)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0024A9D5)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 

==================== Ende von Addition.txt ============================

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.02.20.04
rootkit: v2016.02.17.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18204
User :: PETROS [administrator]

21.02.2016 00:23:47
mbar-log-2016-02-21 (00-23-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 360373
Time elapsed: 21 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Die nächsten Logs bitte wieder in CODE-Tags.

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Code:

# AdwCleaner v5.035 - Bericht erstellt am 21/02/2016 um 01:15:14

# Aktualisiert am 18/02/2016 von Xplode

# Datenbank : 2016-02-20.3 [Server]

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)

# Benutzername : User - PETROS

# Gestartet von : E:\Software\adwcleaner_5.035.exe

# Option : Suchlauf

# Unterstützung : hxxp://toolslib.net/forum
 

***** [ Dienste ] *****
 
 

***** [ Ordner ] *****
 
 

***** [ Dateien ] *****
 
 

***** [ DLL ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Aufgabenplanung ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 
 

***** [ Internetbrowser ] *****
 
 

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [625 Bytes] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.3 (02.09.2016)

Operating System: Windows 7 Home Premium x64 

Ran by User (Administrator) on 21.02.2016 at  1:08:24,22

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 2 
 

Successfully deleted: C:\ProgramData\productdata (Folder) 

Successfully deleted: C:\Users\User\AppData\Roaming\productdata (Folder) 
 
 
 

Registry: 0 
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 21.02.2016 at  1:31:18,26

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016

durchgeführt von User (Administrator) auf PETROS (21-02-2016 01:47:11)

Gestartet von E:\Software

Geladene Profile: User (Verfügbare Profile: User)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543912 2011-11-08] (Realtek Semiconductor)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-07] (COMODO)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-30] (Geek Software GmbH)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: D - D:\autorun.exe

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: I - I:\StorioSetup.exe

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: {8e7e4dff-bad3-11e2-9d5b-c86000582d03} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Start.hta

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\MountPoints2: {ab6d489d-8c11-11e4-91d4-c86000582d03} - G:\StorioSetup.exe

BootExecute: autocheck autochk *  sdnclean64.exe
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

Tcpip\..\Interfaces\{0E2A9454-C15D-4F19-B459-E6D79B5B5EE4}: [DhcpNameServer] 10.0.0.138 10.0.0.138
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://10.0.0.138/

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-02-19] (IObit)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-02-03] (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-03] (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

Handler-x32: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\Bricscad V11\BrxProtIE.dll [2009-11-24] (BricsCad)
 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809

FF Homepage: hxxp://10.0.0.138/

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()

FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-12-02] (DivX, LLC)

FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-11-19] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-11-19] (RealPlayer)

FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2609884232-144836243-1937340655-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2609884232-144836243-1937340655-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\User\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-11-19] (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-11-19] (RealPlayer)

FF Extension: Fasterfox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-06-06]

FF Extension: Microsoft .NET Framework Assistant - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-06-06]

FF Extension: Garmin Communicator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-06]

FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\info@convert2mp3.net.xpi [2015-06-06]

FF Extension: Classic Theme Restorer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-02-18]

FF Extension: Amazon Assistant for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\abb@amazon.com.xpi [2016-02-10]

FF Extension: Gutscheinsammler.de - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\alarm@gutscheinsammler.de.xpi [2015-06-06]

FF Extension: MEGA - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\firefox@mega.co.nz.xpi [2016-02-18]

FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]

FF Extension: FT DeepDark - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2016-02-02]

FF Extension: Gutscheinaffe - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-06-06]

FF Extension: Download Statusbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ese5u1f.default-1433543595809\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-06-06]

FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-19] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zdxwfxsw.default\extensions\cliqz@cliqz.com => nicht gefunden

FF HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-23] [ist nicht signiert]
 

Chrome: 

=======

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-10-11]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [70352 2012-11-01] (Comodo Security Solutions Inc.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-08] (COMODO)

R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-07] (COMODO)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-20] (devolo AG)

S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake) [Datei ist nicht signiert]

S4 GeekBuddyRSP; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [1467088 2012-10-31] (Comodo Security Solutions, Inc.)

R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-09] (SurfRight B.V.)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-02-19] (IObit)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2016-02-20] (Malwarebytes)

S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [Datei ist nicht signiert]

S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware) [Datei ist nicht signiert]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2016-02-19] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2016-02-19] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2016-02-19] (Safer-Networking Ltd.)

S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-04] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-04] (Secunia)

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2015-02-27] (Sophos Limited)

S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)

S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)

R2 Themes; C:\Windows\system32\themeservice.dll [44544 2012-08-10] (Microsoft Corporation) [Datei ist nicht signiert]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-07-07] (Cyberlink Co.,Ltd.)

R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [372720 2009-07-07] (CyberLink Corporation.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-11-18] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-11-18] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)

R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)

R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-14] (Glarysoft Ltd)

R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [93144 2014-04-09] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-05-19] (REALiX(tm))

R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2016-02-21] (Malwarebytes)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2016-02-20] (Malwarebytes)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2016-02-20] (Malwarebytes Corporation)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-20] (CACE Technologies)

S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-04] (Secunia)

S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-11-03] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-11-03] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-11-03] ()

S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)

U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-02-21 01:46 - 2016-02-21 01:46 - 00000000 ____D C:\Users\User\AppData\Roaming\ProductData

2016-02-21 01:46 - 2016-02-21 01:46 - 00000000 ____D C:\ProgramData\ProductData

2016-02-20 23:34 - 2016-02-21 01:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2016-02-20 22:29 - 2016-02-21 01:47 - 00000000 ____D C:\FRST

2016-02-20 17:37 - 2016-02-21 00:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-02-20 17:37 - 2016-02-21 00:05 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-02-20 17:37 - 2016-02-20 17:37 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-02-20 17:37 - 2016-02-20 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-02-19 23:57 - 2016-02-20 00:08 - 00000000 ____D C:\Program Files\stinger

2016-02-19 23:57 - 2016-02-19 23:57 - 00000000 ____D C:\Program Files\McAfee

2016-02-19 14:25 - 2016-02-19 14:25 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk

2016-02-19 14:25 - 2016-02-19 14:25 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk

2016-02-19 14:25 - 2016-02-19 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2016-02-19 13:54 - 2016-02-19 13:53 - 00451075 ____R C:\Windows\system32\Drivers\etc\hosts.20160219-135406.backup

2016-02-19 12:47 - 2016-02-19 12:47 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2016-02-19 12:47 - 2016-02-19 12:47 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2016-02-19 12:47 - 2016-02-19 12:47 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2016-02-19 12:47 - 2016-02-19 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2016-02-19 12:44 - 2016-02-19 12:44 - 00275064 _____ C:\Windows\Minidump\021916-46987-01.dmp

2016-02-19 12:08 - 2016-02-19 12:56 - 00000000 ____D C:\Users\User\AppData\Roaming\QuickScan

2016-02-14 12:17 - 2016-02-14 12:17 - 00000000 ____D C:\Users\User\Desktop\CTR_v1.8.4

2016-02-14 12:10 - 2016-02-16 23:32 - 00000000 ____D C:\Users\User\Desktop\3dsexplorer_v1.5.3

2016-02-13 17:03 - 2016-02-13 17:03 - 00002086 _____ C:\Users\Public\Desktop\SDFormatter.lnk

2016-02-13 17:03 - 2016-02-13 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter

2016-02-13 17:03 - 2016-02-13 17:03 - 00000000 ____D C:\Program Files (x86)\SDA

2016-02-09 21:18 - 2016-02-09 21:18 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

2016-02-09 21:18 - 2016-02-09 21:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-02-09 21:18 - 2016-02-09 21:18 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2016-02-09 21:18 - 2016-02-09 21:18 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2016-02-09 21:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-02-09 21:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2016-02-09 21:17 - 2016-02-09 21:17 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-02-09 21:17 - 2016-02-09 21:17 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2016-02-09 21:17 - 2016-02-09 21:17 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2016-02-09 21:17 - 2016-02-09 21:17 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2016-02-09 21:17 - 2016-02-09 21:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2016-02-09 21:17 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-02-09 21:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2016-02-09 21:15 - 2016-02-09 21:15 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-02-09 21:15 - 2016-02-09 21:15 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-02-09 21:15 - 2016-02-09 21:15 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2016-02-09 21:15 - 2016-02-09 21:15 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2016-02-09 21:14 - 2016-02-09 21:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2016-02-09 21:14 - 2016-02-09 21:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2016-02-09 21:14 - 2016-02-09 21:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2016-02-08 23:35 - 2016-02-11 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-02-05 13:24 - 2016-02-05 13:24 - 00439608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll

2016-02-05 13:09 - 2016-02-05 13:09 - 00849360 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll

2016-02-04 18:45 - 2016-02-04 18:48 - 00002166 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk

2016-02-04 18:45 - 2016-02-04 18:45 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled

2016-02-04 18:45 - 2016-02-04 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3

2016-02-04 18:34 - 2016-02-04 18:34 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

2016-02-03 22:43 - 2016-02-03 22:43 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2016-02-03 22:43 - 2016-02-03 22:37 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL

2016-02-02 19:32 - 2016-02-02 19:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll

2016-02-02 19:32 - 2016-02-02 19:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL

2016-02-02 19:31 - 2016-02-02 19:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll

2016-02-02 19:31 - 2016-02-02 19:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll

2016-02-02 13:45 - 2016-02-04 18:34 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys

2016-01-31 12:54 - 2016-01-31 12:55 - 00003817 _____ C:\Users\User\AppData\LocalLow\lpm.dat

2016-01-31 12:54 - 2016-01-31 12:54 - 00003640 _____ C:\Windows\System32\Tasks\DivXUpdate

2016-01-29 17:57 - 2016-02-07 12:25 - 00000000 ____D C:\Users\User\Desktop\Tor Browser

2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Users\User\Doctor Web

2016-01-22 18:59 - 2016-01-22 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2016-01-22 18:58 - 2016-01-22 18:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++

2016-01-22 18:58 - 2016-01-22 18:59 - 00000000 ____D C:\Program Files (x86)\Notepad++
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-02-21 01:46 - 2014-09-07 21:28 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 5.job

2016-02-21 01:46 - 2014-04-04 20:49 - 00256900 _____ C:\Windows\system32\Drivers\fvstore.dat

2016-02-21 01:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-21 01:43 - 2012-08-09 23:21 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat

2016-02-21 01:38 - 2012-08-22 17:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-21 01:12 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-02-21 01:12 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-21 00:22 - 2015-08-01 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit

2016-02-21 00:22 - 2015-08-01 18:19 - 00000000 ____D C:\ProgramData\IObit

2016-02-21 00:22 - 2015-08-01 18:19 - 00000000 ____D C:\Program Files (x86)\IObit

2016-02-21 00:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors

2016-02-20 22:49 - 2012-08-09 22:52 - 00000000 ____D C:\Users\User\AppData\Roaming\UseNeXT

2016-02-20 17:37 - 2014-05-27 19:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-02-20 17:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf

2016-02-19 23:50 - 2013-12-11 18:57 - 00000000 ____D C:\AdwCleaner

2016-02-19 12:51 - 2012-11-21 23:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2016-02-19 12:47 - 2012-08-11 15:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2016-02-19 12:44 - 2015-09-11 12:07 - 797614784 _____ C:\Windows\MEMORY.DMP

2016-02-19 12:44 - 2012-08-22 23:32 - 00000000 ____D C:\Windows\Minidump

2016-02-18 18:04 - 2011-04-12 08:43 - 00792788 _____ C:\Windows\system32\perfh007.dat

2016-02-18 18:04 - 2011-04-12 08:43 - 00202956 _____ C:\Windows\system32\perfc007.dat

2016-02-18 18:04 - 2009-07-14 06:13 - 01769774 _____ C:\Windows\system32\PerfStringBackup.INI

2016-02-17 20:07 - 2012-08-09 22:52 - 00000000 ____D C:\Users\User\Documents\UseNeXT

2016-02-17 18:54 - 2016-01-08 17:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2016-02-17 18:54 - 2012-08-09 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-02-16 16:38 - 2015-04-14 19:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-02-13 17:02 - 2013-05-13 16:34 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations

2016-02-11 21:15 - 2014-08-20 18:57 - 00000000 ____D C:\Users\User\AppData\Local\Adobe

2016-02-11 21:15 - 2012-08-22 17:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-02-11 21:15 - 2012-08-09 22:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-02-11 21:15 - 2012-08-09 22:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-02-10 08:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

2016-02-10 07:45 - 2009-07-14 05:45 - 00703568 _____ C:\Windows\system32\FNTCACHE.DAT

2016-02-10 07:42 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal

2016-02-09 22:24 - 2013-07-15 22:22 - 00000000 ____D C:\Windows\system32\MRT

2016-02-09 22:20 - 2012-05-07 12:36 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2016-02-05 13:02 - 2015-08-07 11:08 - 00617536 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll

2016-02-03 22:43 - 2015-10-22 18:11 - 00000000 ____D C:\Users\User\.oracle_jre_usage

2016-02-03 22:43 - 2013-09-16 20:48 - 00000000 ____D C:\ProgramData\Oracle

2016-02-03 22:43 - 2013-09-16 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-03 22:42 - 2014-03-20 20:17 - 00000000 ____D C:\Program Files (x86)\Java

2016-02-03 22:40 - 2014-03-20 20:14 - 00000000 ____D C:\Program Files\Java

2016-02-03 22:37 - 2015-11-20 18:54 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2016-02-03 19:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

2016-02-02 19:34 - 2012-05-07 12:02 - 01743118 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2016-01-31 12:54 - 2013-12-19 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2016-01-31 12:54 - 2012-08-10 14:18 - 00000000 ____D C:\Program Files (x86)\DivX

2016-01-31 12:54 - 2012-08-10 14:17 - 00000000 ____D C:\ProgramData\DivX

2016-01-31 12:53 - 2012-08-10 14:19 - 00000000 ____D C:\Users\User\AppData\Roaming\DivX

2016-01-25 19:54 - 2014-10-15 20:49 - 00000000 ____D C:\ProgramData\Package Cache

2016-01-22 11:57 - 2012-08-17 13:35 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-04-05 22:42 - 2015-04-05 22:42 - 0010918 _____ () C:\Program Files (x86)\hijackthis.log

2012-08-12 08:52 - 2012-08-12 08:52 - 0388608 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis204.exe

2012-08-10 19:33 - 2013-08-05 21:37 - 0000713 _____ () C:\Users\User\AppData\Roaming\burnaware.ini

2013-01-06 16:18 - 2013-01-06 16:26 - 13152256 _____ () C:\Users\User\AppData\Roaming\Sandra.mdb

2012-09-03 18:04 - 2016-01-05 14:21 - 0001057 _____ () C:\Users\User\AppData\Roaming\vso_ts_preview.xml

2012-09-11 16:25 - 2014-01-17 12:47 - 0000678 _____ () C:\Users\User\AppData\Local\cookies.ini

2013-04-08 20:11 - 2013-04-08 20:11 - 0000041 ___SH () C:\ProgramData\.zreglib
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\User\DirSync.bat
 
 

Einige Dateien in TEMP:

====================

C:\Users\User\AppData\Local\Temp\DivXSetup.exe

C:\Users\User\AppData\Local\Temp\Quarantine.exe

C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-02-18 09:09
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-02-2016

durchgeführt von User (2016-02-21 01:48:17)

Gestartet von E:\Software

Windows 7 Home Premium Service Pack 1 (X64) (2012-08-07 12:11:16)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2609884232-144836243-1937340655-500 - Administrator - Disabled)

Gast (S-1-5-21-2609884232-144836243-1937340655-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2609884232-144836243-1937340655-1003 - Limited - Enabled)

User (S-1-5-21-2609884232-144836243-1937340655-1000 - Administrator - Enabled) => C:\Users\User
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}

AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)

Amazon Cloud Drive (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\23ab716f18849b6f) (Version: 2.0.2013.841 - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

AMD Catalyst Install Manager (HKLM\...\{EEB732AC-544D-09BD-7BEF-56ED6D198AB2}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)

Bricscad 11.1 (HKLM-x32\...\{BF5FF0FA-8A62-4FFC-A395-8EEE18ED84DB}) (Version: 11.1.14 - Bricsys)

Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN000000) (Version:  - )

BurnAware Free 5.1 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)

CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)

CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)

Clarke Tech Editor Studio 3.21 (HKLM-x32\...\Clarke Tech Editor Studio_is1) (Version: 3.21 - )

Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)

CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)

Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack)

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 15.0 - COMODO)

COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)

ConvertXtoDVD 4.1.12.352 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.12.352 - )

CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )

CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)

CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.5509 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3121a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)

CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2006a - CyberLink Corp.)

CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228 - CyberLink Corp.)

CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2028 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)

D-Fend Reloaded 1.4.2 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.2 - Alexander Herzog)

DirSync UNICODE  2.93 (HKLM-x32\...\DirSync) (Version:  - Stephen Kalisch)

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)

dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden

DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)

Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)

DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)

DVDFab 8.1.9.0 (06/07/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)

Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)

FreeFileSync 7.3 (HKLM-x32\...\FreeFileSync) (Version: 7.3 - www.FreeFileSync.org)

Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)

Garmin POI Loader (HKLM-x32\...\{5CA74EDC-CFC3-4FA0-AED7-1415CA19F250}) (Version: 2.7.2 - Garmin Ltd or its subsidiaries)

Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)

GeekBuddy (HKLM-x32\...\{E21161DD-05A2-42ED-A0EC-9C1393F51A64}) (Version: 4.2.39 - Comodo Security Solutions Inc)

Glary Utilities 5.19 (HKLM-x32\...\Glary Utilities 5) (Version: 5.19.0.32 - Glarysoft Ltd)

HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)

HolmeZ (HKLM-x32\...\{06363132-E00C-48D6-A904-AC1B7B177793}) (Version: 1.3.0.759 - HolmeZ SoftSolutions Pte. Ltd.)

HWiNFO32 Version 4.62 (HKLM-x32\...\HWiNFO32_is1) (Version: 4.62 - Martin Malík - REALiX)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.5.126 - IObit)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)

Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)

Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 3.13.6.260 - KC Softwares)

LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)

Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)

Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)

MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.9 - Notepad++ Team)

OpenDCL Runtime (HKLM-x32\...\{E0DEBD92-9FFB-4AFB-BB89-7270974C991F}) (Version: 7.0.0006 - OpenDCL Consortium)

Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)

PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)

PDF24 Creator 7.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

POIbase 1.061 (HKLM-x32\...\POIbase_is1) (Version:  - POIbase)

QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )

RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden

Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)

Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)

SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)

SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)

Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)

SiSoftware Sandra Lite 2013.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.23.2013.1 - SiSoftware)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)

tiptoi® Manager 3.0.7 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.7 - Ravensburger AG)

Unity Web Player (HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\UnityWebPlayer) (Version: 5.1.0f3 - Unity Technologies ApS)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)

VBA (2627.01) (x32 Version: 6.03.00.9188 - Microsoft Corporation) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden

VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)

VTech Software Installer Version 20151224 (HKLM-x32\...\{798BB333-99C2-4164-A473-D4B5C0DB4E01}_is1) (Version: 20151224 - )

WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)

Windows Aero (Tahoma Font) (HKLM\...\Windows Aero (Tahoma Font)_is1) (Version:  - Eric G.)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

Zahlenbuch 3 (HKLM-x32\...\Zahlenbuch 3) (Version:  - )

Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {02042E52-7F45-4296-8CE8-1B6B9D27D609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)

Task: {07109C19-93CB-45E4-B762-26F42EF9A750} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-01-31] (DivX, LLC)

Task: {103332F6-1D64-417A-B68D-27AD21E176A0} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {2E1449B9-B60C-4833-9BAC-E34BD59A347F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {50254C7F-8723-45EA-8B39-38D6AF7EE388} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {5EA23C0D-D73E-44B6-A1F3-0C97360AE6CE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2609884232-144836243-1937340655-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {5F9D9EEC-FD76-4A54-8204-1600C1C08674} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

Task: {79D3CE87-1655-4075-8553-7CD7D76E97E6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2609884232-144836243-1937340655-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {79FE34D1-5C43-4A52-A2BE-1FD200BCBF9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {7DBE5985-58AB-4B5C-8601-8362BBF88473} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-01-12] (Adobe Systems Incorporated)

Task: {9B6B1D0D-0A55-4CB8-A59B-93AE7D28DAAF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-02-14] (Glarysoft Ltd)

Task: {9D630954-A4C0-415A-9305-F2FC965D4B6C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-02-19] (Safer-Networking Ltd.)

Task: {B62D4E37-DE7F-4F68-8506-5DF05B7626F4} - System32\Tasks\{E303911E-F7A7-4210-B29F-2C4BCE4F74F6} => pcalua.exe -a I:\StorioSetup.exe -d I:\

Task: {C50F6062-ECD6-47D2-A46D-B53BACA3DFEA} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)

Task: {D3348319-238F-4626-A71F-90A4F9AAA57E} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {D4D42E4F-A5BD-43CD-BBE9-3A45519BB5AA} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)

Task: {DFA35058-E7A9-4D0D-89D2-BF7603A31F96} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-02-14] (Glarysoft Ltd)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2012-08-10 16:24 - 2009-11-05 06:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll

2011-12-19 17:59 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2011-07-28 16:44 - 2011-07-28 16:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-07-28 16:55 - 2011-07-28 16:55 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2016-02-19 12:47 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2016-02-19 12:47 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2016-02-19 12:47 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2016-02-19 12:47 - 2016-02-19 12:47 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2016-02-19 12:47 - 2016-02-19 12:47 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2012-08-31 20:13 - 2015-08-30 21:02 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll

2012-08-31 20:13 - 2015-08-30 21:02 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll

2012-08-10 16:13 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2016-02-19 14:25 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl

2016-02-19 14:25 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl

2016-02-19 14:25 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Windows:0B2A40BB4D06387A

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftbusui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftcserco.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftd2xx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\FTLang.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ftserui2.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msvcp110.dll:$CmdZnID

AlternateDataStreams: C:\Windows\system32\msvcr110.dll:$CmdZnID

AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RtNicProp64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RTNUninst64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sdnclean64.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Vim.RWBlock.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vimbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vimsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\CMDLGIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\COMDLG32.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devolopacket.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\devolopcap.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ftd2xx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSCAL.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSCMCIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Mscomctl.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSINET.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMASK32.OCX:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MSMSKIT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msvcp140.dll:$CmdZnID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\SQLite3VB.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Vantage.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\VB6IT.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ZLibWAPI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\zmbv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ftdibus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ftser2k.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\psi_mf_amd64.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\Rtlh64.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadbus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadcmnt.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdfl.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdm.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadserd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssadwhnt.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\UimBus.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\UimFIO.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\uim_devim.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\uim_im.sys:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\Drivers\npf_devolo.sys:$CmdTcID
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 

Da befinden sich 7872 mehr Seiten.
 

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-2609884232-144836243-1937340655-1000\...\123simsen.com -> www.123simsen.com
 

Da befinden sich 7872 mehr Seiten.
 
 

==================== Hosts Inhalt: ==========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2009-07-14 03:34 - 2016-02-19 13:54 - 00451075 ____R C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com

127.0.0.1        www.0scan.com

127.0.0.1        0scan.com

127.0.0.1        www.1000gratisproben.com

127.0.0.1        1000gratisproben.com

127.0.0.1        1001namen.com

127.0.0.1        www.1001namen.com

127.0.0.1        100888290cs.com

127.0.0.1        www.100888290cs.com

127.0.0.1        www.100sexlinks.com

127.0.0.1        100sexlinks.com

127.0.0.1        www.10sek.com

127.0.0.1        10sek.com

127.0.0.1        www.1-2005-search.com

127.0.0.1        1-2005-search.com

127.0.0.1        www.123fporn.info

127.0.0.1        123fporn.info

127.0.0.1        123haustiereundmehr.com

127.0.0.1        www.123haustiereundmehr.com

127.0.0.1        123moviedownload.com

127.0.0.1        www.123moviedownload.com
 

Da befinden sich 15471 zusätzliche Einträge.
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2609884232-144836243-1937340655-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 10.0.0.138

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist deaktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: Freemake Improver => 2

MSCONFIG\Services: GeekBuddyRSP => 2

MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2

MSCONFIG\Services: RichVideo => 2

MSCONFIG\Services: SandraAgentSrv => 3

MSCONFIG\Services: SDScannerService => 2

MSCONFIG\Services: SDUpdateService => 2

MSCONFIG\Services: SDWSCService => 2

MSCONFIG\Services: Secunia PSI Agent => 3

MSCONFIG\Services: Secunia Update Agent => 2

MSCONFIG\Services: ServiceLayer => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: SophosVirusRemovalTool => 3

MSCONFIG\Services: ST2012_Svc => 2

MSCONFIG\Services: TeamViewer => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Cloud Drive.lnk => C:\Windows\pss\Amazon Cloud Drive.lnk.Startup

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\Windows\pss\Persbackup.lnk.Startup

MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

MSCONFIG\startupreg: adm_tray.exe => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: AgentMonitor => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\User\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

MSCONFIG\startupreg: BrowserChoice => "C:\Windows\System32\browserchoice.exe" /run

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s

MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe

MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun

MSCONFIG\startupreg: InstantBurn => C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe

MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"

MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

MSCONFIG\startupreg: Viber => "C:\Users\User\AppData\Local\Viber\Viber.exe" StartMinimized
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{17BDECFA-FD1B-4A31-A02F-7B2D28218DA7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{550236F4-DE96-44D5-816E-AFDECE19C15C}] => (Allow) LPort=2869

FirewallRules: [{FF860A2D-3081-4C35-8B94-347F72DE97A1}] => (Allow) LPort=1900

FirewallRules: [{5A74865E-8ED1-4C25-B751-E013620970FF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{C7283B86-8AC5-4F07-9209-7C0B61D57A65}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{77D1A2DA-6E41-4806-A194-9BC6941A891F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE

FirewallRules: [{51F7E175-44B4-459A-90AB-992AEABC21F5}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

FirewallRules: [{886416AE-2DED-4184-8948-3E3F2BBAEB97}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

FirewallRules: [{86FADBFF-8492-4146-99DB-B99B932D13BE}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe

FirewallRules: [{06B518C8-1A4B-4B9C-8F0B-F5EDCEA4C9CA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{314A0D8C-91F3-4551-A4B1-F8357E979217}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{542A7092-E444-4263-BD36-2E4CE549E8F9}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

FirewallRules: [{8329F1A0-3422-44D0-A76E-D8A7913EBE30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

FirewallRules: [{90A2E05D-D0AD-4723-BE70-0D931D854876}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

FirewallRules: [{F2CD9A7F-97B1-406C-8BCF-03C88C2832CE}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

FirewallRules: [{7463C39E-BF6B-448B-A621-93A5F8E6C0FD}] => (Allow) C:\Users\User\AppData\Local\Viber\Viber.exe

FirewallRules: [{9771BD04-EC1C-4288-BB95-4D33C33B961C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3B8618D2-2A00-4F2D-9EF7-7A6894ED10F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{08C8AE22-0025-43EE-9C0F-A6883A7F1E40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{453221A6-0A0D-4998-83B8-2A0E89C0A693}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{867C9E5A-64A8-419C-B9BA-591D1E989D54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{AC98667C-2EE5-4EE6-98BE-FD9D87074B7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{2A7EE8B2-0D4B-46E4-BAF9-521B47D602F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{C3273065-A5C8-4D16-BF5F-CF0FBBFB9D44}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{8CF97821-A3AF-416B-893B-DB83FF2E6A44}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{6D853A11-728B-43F9-B59C-90ABCC0BA666}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\RpcSandraSrv.exe

FirewallRules: [{97B23E44-9B39-4E63-B233-7756B31F299F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{1A367D12-322B-4B19-9CEE-388AAA2008CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 

==================== Wiederherstellungspunkte =========================
 

13-02-2016 17:03:04 Installed SDFormatter.

16-02-2016 08:36:45 Windows Update

19-02-2016 11:55:13 Windows Update

21-02-2016 00:00:23 Malwarebytes Anti-Rootkit Restore Point

21-02-2016 00:20:44 JRT Pre-Junkware Removal

21-02-2016 01:08:33 JRT Pre-Junkware Removal
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (02/21/2016 01:45:18 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/21/2016 01:03:47 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/21/2016 12:03:48 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/20/2016 05:29:57 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/20/2016 05:01:43 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/20/2016 09:21:18 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/19/2016 11:54:54 PM) (Source: MsiInstaller) (EventID: 11606) (User: PETROS)

Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
 

Error: (02/19/2016 11:54:53 PM) (Source: MsiInstaller) (EventID: 11606) (User: PETROS)

Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
 

Error: (02/19/2016 11:41:33 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (02/19/2016 10:37:21 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

Systemfehler:

=============

Error: (02/21/2016 01:45:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/21/2016 01:03:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/21/2016 12:03:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/21/2016 12:01:42 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 

Error: (02/20/2016 05:29:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 

Error: (02/20/2016 05:29:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%193
 

Error: (02/20/2016 05:29:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%193
 

Error: (02/20/2016 05:29:36 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎20.‎02.‎2016 um 17:27:29 unerwartet heruntergefahren.
 

Error: (02/20/2016 05:26:46 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 

Error: (02/20/2016 05:01:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

Uim_VIM
 
 

CodeIntegrity:

===================================

  Date: 2016-02-21 01:32:30.401

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-21 00:57:16.506

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-21 00:18:17.407

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-20 18:19:52.321

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-20 17:45:03.304

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 23:08:09.104

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 22:58:12.371

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 22:44:00.858

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 13:53:19.534

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-02-19 12:39:57.866

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: AMD A8-3870 APU with Radeon(tm) HD Graphics

Prozentuale Nutzung des RAM: 25%

Installierter physikalischer RAM: 7657.34 MB

Verfügbarer physikalischer RAM: 5700.41 MB

Summe virtueller Speicher: 15312.88 MB

Verfügbarer virtueller Speicher: 13070.79 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:465.66 GB) (Free:389.55 GB) NTFS

Drive e: (HOPPY LABEL) (Fixed) (Total:931.51 GB) (Free:203.63 GB) NTFS

Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:322.73 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E40D0D72)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0024A9D5)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 

==================== Ende von Addition.txt ============================

Bitte Finger weg von IOBit!

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Driver Booster 3.2
IObit Uninstaller
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .