~ ZHPDiag v2015.7.7.85 Von Nicolas Coolman (2015\07\07)
~ gestartet von Hamza Bo (Administrator) (2015/07/07 20:41:21)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Version des Status: Version OK
~ Modus: Scanner
~ Bericht: C:\Users\Hamza Bo\Desktop\ZHPDiag.txt
~ Bericht: C:\Users\Hamza Bo\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Systemstart: Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)

---\\ Internet-browser (3) - 0s
GCIE: Google Chrome v43.0.2357.130
MFIE: Mozilla v38.0.5
MSIE: Internet Explorer v11.0.10011.0

---\\ Windows-Produkt-Informationen (3) - 6s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Activation Technologies : OK

---\\ System-Datenschutz-software (1) - 0s
Malwarebytes Anti-Malware Version 2.1.8.1057

---\\ System-Optimierungs-software (1) - 0s
CCleaner v5.07

---\\ Monitoring Software (1) - 0s
Adobe Flash Player 18 NPAPI

---\\ Informationen über das system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 8275572
~ System Restore: Activé (Enable)
~ System drive C: has 563 GB free of 823 GB

---\\ Verbindung zu den Systemmodus (3) - 0s
~ Computer Name: HAMZABO
~ User Name: Hamza Bo
~ Logged in as Administrator

---\\ Aufzählung von Disk-Einheiten (2) - 0s
~ Drive C: has 563 GB free of 823 GB (System)
~ Drive D: has 102 GB free of 102 GB

---\\ Suche generische Systemdateien (22) - 1s
[MD5.D3FF80EC603DC824974CE8810576D24D] - (.Microsoft Corporation - Windows-Explorer.) () -- C:\WINDOWS\Explorer.exe [4398680]
[MD5.5E6AF45D5688FD76EF33C75EB47A4CA3] - (.Microsoft Corporation - Windows-Hostprozess (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [59392]
[MD5.EA42887F0E8285D32D94C5F66F32DE49] - (.Microsoft Corporation - Windows-Startanwendung.) () -- C:\WINDOWS\System32\Wininit.exe [289936]
[MD5.D587D824CBA22B8BB0E6FDAC1BE33AFE] - (.Microsoft Corporation - Interneterweiterungen für Win32.) () -- C:\WINDOWS\System32\wininet.dll [2693632]
[MD5.7CB1135491D26D6A29F478F0429F2E29] - (.Microsoft Corporation - Windows-Anmeldeanwendung.) () -- C:\WINDOWS\System32\Winlogon.exe [580608]
[MD5.87E277D57972E39244B1E1BC7630E188] - (.Microsoft Corporation - Softwarelizenzierungsbibliothek.) () -- C:\WINDOWS\System32\sppcomapi.dll [430080]
[MD5.A91608BF0F2060E01DD763D33F88E64F] - (.Microsoft Corporation - Treiber für zusätzliche WinSock-Funktionen.) () -- C:\WINDOWS\System32\drivers\AFD.sys [575976]
[MD5.89DE35A0DEA4A12EB0869F97FEB1974C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [28648]
[MD5.76F171AB060947321095981D04FB7B4B] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672]
[MD5.BCB89115A9972B62ED6F95A0044075D0] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080]
[MD5.E8B9984E0723403EA62C9BD9260E010B] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [142848]
[MD5.8800483417D55485D1A950E1EC327E78] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [81408]
[MD5.9F3B57EB8EBEE459EA7B27D927BA7BF5] - (.Microsoft Corporation - i8042-Anschlusstreiber.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176]
[MD5.31C68D339A991024B85ECC9312A511BF] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [143360]
[MD5.25EE0E2D94292DDAB4C5C7618B4CBA73] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430592]
[MD5.55F209E6A4F69EFD28972898844269FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [271360]
[MD5.B1FBB10C915792F3564E472A6CE2872A] - (.Microsoft Corporation - NT-Dateisystemtreiber.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2114536]
[MD5.E7B1A1BBE71FB1AD38E99B89D5980F7A] - (.Microsoft Corporation - Treiber für parallelen Anschluss.) () -- C:\WINDOWS\System32\drivers\Parport.sys [96768]
[MD5.3D45ABA86C7429248EE11B934C35AE82] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960]
[MD5.20F5845031E94320E9EB0FA03E85F658] - (.Microsoft Corporation - Geräte-Redirector für Microsoft RDP.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [173568]
[MD5.FA9341866F1743B1C405BD6509EFF366] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [117224]
[MD5.45EDEC10721B4981856C65DCA895E1A8] - (.Microsoft Corporation - Volumeschattenkopie-Treiber.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [378856]

---\\ Prozess läuft (1) - 1s
[MD5.BE462093F05F16C409C79C5AE4155F5A] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624] [PID.792]

---\\ Google Chrome, Startseite,Seiten of search,Ausdehnung, (G0,G1,G2) (19) - 0s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "https://login.rz.ruhr-uni-bochum.de/cgi-bin/start"
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://www.facebook.com/?ref=logo"
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "https://dub117.mail.live.com/default.aspx?id=64855"
G2 - GCE: Extension [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] __MSG_tv_name__
G2 - GCE: Extension [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [bpckajjkmjncafjlkielcgheibdlnfgc] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Extension [User Data\Default] [ioekoebejdcmnlefjiknokhhafglcjdl] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [jfnniehafojoidolddmhfnpnbiolbppi] Roomstyler 3D planner
G2 - GCE: Extension [User Data\Default] [jpnjjlbngpejmmhgcaagljaomgnginml] __MSG_name__
G2 - GCE: Extension [User Data\Default] [kdmmkfaghgcicheaimnpffeeekheafkb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [ljphpjlafmmdmegmfbkacafhbegjfkkn] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [lkgfemnodkdnenmfkblebnkjpckkjcae] AudioSauna
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [noohoboklgjeccnihfkbdakbchbhjlch] GIFPAL
G2 - GCE: Extension [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Startseite,Seiten of search,Ausdehnung (P2,M0,M1,M2,M3) (17) - 1s
M0 - MFSP: prefs.js [Hamza Bo - qx60e3fs.default] https://login.rz.ruhr-uni-bochum.de/cgi-bin/start
M0 - MFSP: prefs.js [Hamza Bo - qx60e3fs.default] https://de-de.facebook.com/
M0 - MFSP: prefs.js [Hamza Bo - qx60e3fs.default] https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1433542868&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1031&id=64855&mkt=de-DE&cbcxt=mai
P2 - EXT: (.National Instruments - LabVIEW 2013 Netscape Plug-in for Win32.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nplv2013win32.dll
P2 - EXT: (.National Instruments - LabVIEW 2014 Netscape Plug-in for Win32.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nplv2014win32.dll
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom-de.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-de.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\leo_ende_de.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-de.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-de.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.1] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer, Startseite,Seiten of search,Ausdehnung (R0,R1,R3,R4) (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto Laden von Programmen (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=

---\\ Hosts Datei-Umleitung (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Auto Laden von Programmen vom Register und Ordner (O4) (14) - 1s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio-Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Microsoft Corporation - Windows-Hostprozess (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B898FE550F83476FBF286626E8E73E3C] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKCU\..\Run: [NIRegistrationWizard] . (...) -- C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-21-3204060503-2366626174-2290803782-1001\..\Run: [GoogleChromeAutoLaunch_B898FE550F83476FBF286626E8E73E3C] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-3204060503-2366626174-2290803782-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKUS\S-1-5-21-3204060503-2366626174-2290803782-1001\..\Run: [NIRegistrationWizard] . (...) -- C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe

---\\ Lop.com/Domain Entführer (O17) (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.16.1.1

---\\ Nicht von Microsoft nicht deaktiviert Windows XP/NT/2000-Dienste (O23) (1) - 0s
O23 - Service: Power Control [2015/06/06 00:59:18] ({C5F942FD-1110-4664-86CE-0C6BDA305235}) . (.CyberLink Corp. - .) - C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl

---\\ Im Automatikbetrieb geplanten Tasks (O39) (17) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [884]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\MATLAB R2013a Startup Accelerator.job [568]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\Wise Turbo Checker.job [376]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [4000]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3872]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-h.bouroum@outlook.de [2866] =>PUP.Optional.CrossRider
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2860]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3316]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0a54646fff1e0 [3346]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Health-Check [2980]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Health-Check-auto [2694]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Health-Check-deep [2998]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\MATLAB R2013a Startup Accelerator [3298]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for HAMZABO-Hamza Bo HamzaBo [4176]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\NIUpdateServiceStartupTask [3374]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\SpeechRuntimeTask [2354]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\System32\Tasks\Wise Turbo Checker [2448]

---\\ Installierte Software (O42) (43) - 3s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: MATLAB R2013a - (.The MathWorks, Inc..) [HKLM][64Bits] -- Matlab R2013a
O42 - Logiciel: WinRAR 5.21 (64-Bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Lenovo Rescue System - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {93F2A022-6C37-48B8-B241-FFABD9F60C30}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {C4123106-B685-48E6-B9BD-E4F911841EB4}
O42 - Logiciel: Apple Application Support (64-Bit) - (.Apple Inc..) [HKLM][64Bits] -- {D7B824DE-DA32-4772-9E5E-39C5158136A7}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: DC++ (remove only) - (...) [HKLM][64Bits] -- DC++
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Lenovo Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Lenovo Rescue System - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Malwarebytes Anti-Malware Version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 de) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 de)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: National Instruments - Software - (.National Instruments.) [HKLM][64Bits] -- NI Uninstaller
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: Brother MFL-Pro Suite DCP-J140W - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}
O42 - Logiciel: CyberLink PowerDVD 14 - (.CyberLink Corp..) [HKLM][64Bits] -- {32C8E300-BDB4-4398-92C2-E9B7D8A233DB}
O42 - Logiciel: Lenovo Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0407-0000-0000000FF1CE}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-1033-FFFF-7760-0C0F074E4100}
O42 - Logiciel: Apple Application Support (32-Bit) - (.Apple Inc..) [HKLM][64Bits] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: Driver & Application Installation - (.Lenovo.) [HKLM][64Bits] -- {BFECCF2A-F094-4066-8BFA-29CCBB7F6602}
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

---\\ HKCU & HKLM Software Keys (67) - 3s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Brother
HKLM\SOFTWARE\Wow6432Node\Brother Industries, Ltd.
HKLM\SOFTWARE\Wow6432Node\Business Objects
HKLM\SOFTWARE\Wow6432Node\Cadence Design Systems
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\DC++
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\ej-technologies
HKLM\SOFTWARE\Wow6432Node\FLEXlm License Manager
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lenovo
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON
HKLM\SOFTWARE\Wow6432Node\MicroQuill
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\National Instruments
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\ParetoLogic =>PUP.Optional.Paretologic
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Brother
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogiShrd
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mathworks
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\National Instruments
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OrCAD
HKCU\SOFTWARE\ParetoLogic =>PUP.Optional.Paretologic
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PSpice
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Remo Software
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Inhalt der Ordner Programme, ProgramFiles, ProgramData, AppData (O43) (172) - 4s
O43 - CFD: 2015/07/06 01:11:54 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/07/06 01:10:09 - [] D -- C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 2015/06/06 00:15:39 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/06/06 00:15:30 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/06/23 17:13:47 - [] D -- C:\Program Files (x86)\Brother
O43 - CFD: 2015/06/23 17:13:43 - [] D -- C:\Program Files (x86)\Browny02
O43 - CFD: 2015/07/06 01:08:17 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/06/23 17:13:41 - [] D -- C:\Program Files (x86)\ControlCenter4
O43 - CFD: 2015/06/06 00:53:39 - [] D -- C:\Program Files (x86)\Cyberlink
O43 - CFD: 2015/06/06 00:29:09 - [] D -- C:\Program Files (x86)\DC++
O43 - CFD: 2015/06/12 21:30:53 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/07/07 17:37:29 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/06/08 17:51:06 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/02 16:01:38 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/06/06 00:15:51 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2015/06/09 23:42:22 - [] D -- C:\Program Files (x86)\Lenovo
O43 - CFD: 2015/06/28 21:38:47 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/06 01:03:21 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/07/02 18:29:24 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2015/06/23 02:22:46 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/02 16:01:38 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/06 00:19:39 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/06/23 02:46:33 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/06/10 17:01:07 - [] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 2015/07/02 16:10:24 - [] D -- C:\Program Files (x86)\National Instruments
O43 - CFD: 2015/06/06 00:56:17 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information
O43 - CFD: 2015/06/23 02:46:33 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/06/07 14:59:22 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/05/23 19:07:46 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/06/23 02:22:47 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/05/23 19:07:46 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/05/23 15:06:48 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2015/05/23 15:06:45 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/05/23 19:07:46 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/05/23 15:06:48 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2015/05/23 15:06:45 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/05/23 15:06:45 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/05/23 15:06:49 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/05/23 19:12:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/05/23 15:06:49 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/06 01:10:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 2015/06/23 17:14:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
O43 - CFD: 2015/07/07 17:37:20 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cadence
O43 - CFD: 2015/06/24 16:20:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DC++
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/02 19:03:01 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/07/07 17:35:23 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
O43 - CFD: 2015/06/23 02:27:16 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Rescue System
O43 - CFD: 2015/05/23 15:06:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/28 21:38:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/02 20:12:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/07/02 16:00:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/07/02 16:11:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 2015/07/02 16:10:29 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/05/23 15:06:49 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/05/23 19:12:36 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/23 02:27:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/02 19:03:01 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/06 02:00:02 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/06/06 14:57:19 - [0] SHD -- C:\ProgramData\Anwendungsdaten
O43 - CFD: 2015/06/06 00:15:37 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/06/06 00:15:50 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2015/05/23 15:39:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/06/07 01:56:26 - [] D -- C:\ProgramData\Brother
O43 - CFD: 2015/05/23 15:06:45 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 2015/06/23 17:13:41 - [] D -- C:\ProgramData\ControlCenter4
O43 - CFD: 2015/06/09 23:42:21 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2015/05/23 15:39:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/05/23 15:39:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2013/06/06 14:57:19 - [0] SHD -- C:\ProgramData\Dokumente
O43 - CFD: 2015/06/06 00:16:02 - [] D -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 2013/06/06 15:01:04 - [] D -- C:\ProgramData\eBay
O43 - CFD: 2015/06/18 15:56:39 - [] D -- C:\ProgramData\Innovative Solutions
O43 - CFD: 2015/06/06 00:53:28 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2015/07/07 17:35:27 - [] D -- C:\ProgramData\JKI
O43 - CFD: 2015/06/18 15:21:59 - [] D -- C:\ProgramData\Licenses
O43 - CFD: 2015/06/08 19:41:57 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/06/23 02:36:42 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/06/09 20:57:33 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2015/06/06 00:19:39 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/07/02 18:36:58 - [] D -- C:\ProgramData\National Instruments
O43 - CFD: 2013/06/06 13:36:22 - [] D -- C:\ProgramData\OneKey Recovery
O43 - CFD: 2015/06/06 00:56:25 - [] D -- C:\ProgramData\PDVD
O43 - CFD: 2015/06/09 20:30:52 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2015/07/07 18:51:17 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/06/24 15:31:55 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/07/07 17:32:52 - [] D -- C:\ProgramData\sPlan70(Demo)
O43 - CFD: 2015/05/23 15:39:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/06/06 14:57:19 - [0] SHD -- C:\ProgramData\Startmenü
O43 - CFD: 2015/06/06 00:57:31 - [] D -- C:\ProgramData\SUPPORTDIR
O43 - CFD: 2015/06/18 15:57:43 - [] AD -- C:\ProgramData\Temp
O43 - CFD: 2015/05/23 15:39:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/06/09 20:58:08 - [] D -- C:\ProgramData\Users
O43 - CFD: 2015/05/23 15:41:15 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 2015/07/07 19:27:49 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 2013/06/06 14:57:19 - [0] SHD -- C:\ProgramData\Vorlagen
O43 - CFD: 2015/07/06 01:11:34 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/07/06 01:08:17 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2015/06/16 22:44:42 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2015/06/18 15:56:35 - [] D -- C:\Program Files (x86)\Common Files\Innovative Solutions
O43 - CFD: 2015/06/23 02:14:18 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/06/23 02:22:46 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/07/02 16:11:43 - [] D -- C:\Program Files (x86)\Common Files\OPC Foundation
O43 - CFD: 2015/05/23 15:06:48 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/05/23 19:07:46 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/07/06 02:27:07 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Adobe
O43 - CFD: 2015/07/06 02:14:04 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 2015/06/16 22:44:43 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Apple Computer
O43 - CFD: 2015/06/29 16:35:55 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Brother
O43 - CFD: 2015/07/06 04:23:45 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 2015/06/06 01:08:27 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\CyberLink
O43 - CFD: 2015/07/02 18:54:46 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
O43 - CFD: 2015/06/08 18:43:29 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Identities
O43 - CFD: 2015/06/23 17:12:13 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\InstallShield
O43 - CFD: 2015/07/03 00:08:56 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\LibreOffice
O43 - CFD: 2015/06/05 23:57:21 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/02 20:15:56 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\MathWorks
O43 - CFD: 2015/07/02 21:01:02 - [] SD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft
O43 - CFD: 2015/06/06 00:19:54 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Mozilla
O43 - CFD: 2015/07/02 18:54:45 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\ParetoLogic =>PUP.Optional.Paretologic
O43 - CFD: 2015/06/18 15:21:56 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Remo
O43 - CFD: 2015/06/18 15:22:33 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Remo MORE
O43 - CFD: 2015/06/18 15:22:29 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Remo Suite
O43 - CFD: 2015/07/06 02:14:04 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 2015/07/02 20:16:25 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Subversion
O43 - CFD: 2015/06/15 22:19:05 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\vlc
O43 - CFD: 2015/06/06 01:08:35 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\WebApp
O43 - CFD: 2015/06/06 00:58:22 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/06 00:54:34 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\yWorks
O43 - CFD: 2015/07/07 20:41:33 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\ZHP
O43 - CFD: 2015/07/07 16:20:02 - [] D -- C:\Users\Hamza Bo\AppData\Local\ActiveSync
O43 - CFD: 2015/07/07 02:00:04 - [] D -- C:\Users\Hamza Bo\AppData\Local\Adobe
O43 - CFD: 2015/06/23 02:20:11 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\Anwendungsdaten
O43 - CFD: 2015/06/06 00:15:39 - [] D -- C:\Users\Hamza Bo\AppData\Local\Apple
O43 - CFD: 2015/06/10 23:52:13 - [] D -- C:\Users\Hamza Bo\AppData\Local\Apple Computer
O43 - CFD: 2015/06/09 21:00:07 - [] D -- C:\Users\Hamza Bo\AppData\Local\Comms
O43 - CFD: 2015/06/06 00:56:20 - [] D -- C:\Users\Hamza Bo\AppData\Local\CyberLink
O43 - CFD: 2015/06/07 02:31:06 - [] D -- C:\Users\Hamza Bo\AppData\Local\Diagnostics
O43 - CFD: 2015/06/09 20:59:18 - [] D -- C:\Users\Hamza Bo\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/06/09 21:03:46 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/09 21:03:46 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/09 21:03:46 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\EmieUserList
O43 - CFD: 2015/06/09 23:03:51 - [] D -- C:\Users\Hamza Bo\AppData\Local\GameDVR
O43 - CFD: 2015/06/12 21:31:03 - [] D -- C:\Users\Hamza Bo\AppData\Local\Google
O43 - CFD: 2015/06/18 16:16:57 - [] D -- C:\Users\Hamza Bo\AppData\Local\Innovative Solutions
O43 - CFD: 2015/06/06 00:24:35 - [] D -- C:\Users\Hamza Bo\AppData\Local\Macromedia
O43 - CFD: 2015/06/28 20:35:57 - [] D -- C:\Users\Hamza Bo\AppData\Local\Microsoft
O43 - CFD: 2015/06/06 00:19:54 - [] D -- C:\Users\Hamza Bo\AppData\Local\Mozilla
O43 - CFD: 2015/07/02 16:16:21 - [] D -- C:\Users\Hamza Bo\AppData\Local\National Instruments
O43 - CFD: 2015/06/09 20:56:27 - [0] D -- C:\Users\Hamza Bo\AppData\Local\NetworkTiles
O43 - CFD: 2015/06/24 15:28:08 - [] D -- C:\Users\Hamza Bo\AppData\Local\Packages
O43 - CFD: 2015/06/05 23:58:26 - [] D -- C:\Users\Hamza Bo\AppData\Local\Power2Go
O43 - CFD: 2015/06/08 19:41:46 - [] D -- C:\Users\Hamza Bo\AppData\Local\Programs
O43 - CFD: 2015/06/13 21:00:06 - [] D -- C:\Users\Hamza Bo\AppData\Local\Publishers
O43 - CFD: 2015/06/09 21:02:59 - [] D -- C:\Users\Hamza Bo\AppData\Local\Spartan
O43 - CFD: 2015/07/07 20:41:24 - [] D -- C:\Users\Hamza Bo\AppData\Local\Temp
O43 - CFD: 2015/06/23 02:20:11 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/06/09 20:55:57 - [] D -- C:\Users\Hamza Bo\AppData\Local\TileDataLayer
O43 - CFD: 2015/06/23 02:20:11 - [0] SHD -- C:\Users\Hamza Bo\AppData\Local\Verlauf
O43 - CFD: 2015/06/06 01:02:31 - [] D -- C:\Users\Hamza Bo\AppData\Local\VirtualStore
O43 - CFD: 2015/06/23 02:21:17 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/06/23 03:25:30 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/23 03:25:39 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/06/23 02:21:17 - [] D -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/23 03:25:39 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/06/23 02:27:16 - [] RD -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/02 19:03:01 - [0] D -- C:\Users\Hamza Bo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Liste der Treiber des Systems (SDL) (O58) (54) - 2s
O58 - SDL:2015/05/23 14:51:48 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [109032]
O58 - SDL:2015/05/23 14:51:48 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135592]
O58 - SDL:2015/05/23 14:51:48 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83432]
O58 - SDL:2015/05/23 14:51:48 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259560]
O58 - SDL:2015/05/23 14:51:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27112]
O58 - SDL:2015/05/23 14:51:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132072]
O58 - SDL:2015/05/23 14:51:48 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2015/05/23 14:51:47 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531432]
O58 - SDL:2015/05/23 14:51:47 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3437032]
O58 - SDL:2012/10/03 16:14:56 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [33240]
O58 - SDL:2012/07/02 15:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784]
O58 - SDL:2015/05/23 14:51:48 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64488]
O58 - SDL:2015/05/23 14:51:26 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128]
O58 - SDL:2015/05/23 14:51:26 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608]
O58 - SDL:2015/05/23 14:51:48 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673256]
O58 - SDL:2015/05/23 14:51:48 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412136]
O58 - SDL:2015/05/23 14:51:53 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424936]
O58 - SDL:2015/06/09 21:15:36 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3775416]
O58 - SDL:2012/06/19 07:40:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [342528]
O58 - SDL:2014/08/01 22:18:33 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [27032]
O58 - SDL:2015/05/23 14:51:51 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [109032]
O58 - SDL:2015/05/23 14:51:51 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104936]
O58 - SDL:2015/05/23 14:51:52 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99304]
O58 - SDL:2015/05/23 14:51:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82920]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/07/02 19:07:31 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2015/05/23 14:51:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59880]
O58 - SDL:2015/05/23 14:51:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575976]
O58 - SDL:2015/05/23 14:51:53 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705512]
O58 - SDL:2015/05/23 14:51:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63976]
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [64216]
O58 - SDL:2015/05/23 14:51:53 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76264]
O58 - SDL:2015/05/23 14:51:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150504]
O58 - SDL:2015/05/23 14:51:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166376]
O58 - SDL:2015/05/23 14:51:53 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58344]
O58 - SDL:2015/05/23 14:51:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58856]
O58 - SDL:2015/01/31 15:11:46 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\WINDOWS\System32\drivers\rsblk.sys [56000]
O58 - SDL:2009/02/12 15:11:26 A . (.EldoS Corporation - RawDisk Driver. Allows write access to file.) -- C:\WINDOWS\System32\drivers\rsdrvx64.sys [26024]
O58 - SDL:2015/05/23 14:51:53 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [587264]
O58 - SDL:2015/06/22 21:01:34 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4477696]
O58 - SDL:2015/06/09 20:58:33 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [402960]
O58 - SDL:2012/06/15 13:50:46 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUVStor.sys [315536]
O58 - SDL:2015/05/23 14:51:28 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 30382.) -- C:\WINDOWS\System32\drivers\rtwlane.sys [3558104]
O58 - SDL:2015/05/23 14:51:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [45032]
O58 - SDL:2015/05/23 14:51:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81896]
O58 - SDL:2015/05/23 14:51:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31208]
O58 - SDL:2015/05/23 14:52:56 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032]
O58 - SDL:2012/06/19 05:25:22 A . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\WINDOWS\System32\drivers\usbfilter.sys [57000]
O58 - SDL:2015/05/23 14:51:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166888]
O58 - SDL:2015/05/23 14:51:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305640]
O58 - SDL:2015/05/23 14:51:53 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [27112]
O58 - SDL:2015/05/23 14:51:53 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59368]
O58 - SDL:2012/06/13 17:10:32 A . (."CyberLink - Cyberlink Virtual Disk Driver.) -- C:\WINDOWS\System32\drivers\wsvd.sys [102376]

---\\ Neueste Dateien geändert oder erstellt (Benutzer) (O61) (7) - 75s
O61 - LFC: 2015/07/02 18:37:01 A . (..) -- C:\Users\Hamza Bo\Documents\LabVIEW Data\LVRSS\14.0.1\2fbb4440-9643-11dd-ad8b-0800200c9a67.bin [4582]
O61 - LFC: 2015/07/02 19:34:19 A . (..) -- C:\Users\Hamza Bo\Documents\LabVIEW Data\Icon Templates\Templates.14.0.1.bin [6736]
O61 - LFC: 2015/07/02 19:34:21 A . (..) -- C:\Users\Hamza Bo\Documents\LabVIEW Data\Glyphs\Glyphs.14.0.1.bin [998800]
O61 - LFC: 2015/07/02 19:44:31 A . (..) -- C:\Users\Hamza Bo\Documents\LabVIEW Data\Dependencies\NILV1401Deps_National InstrumentsLabVIEW 2014.bin [195854]
O61 - LFC: 2015/07/02 18:24:13 N . (..) -- C:\Users\Hamza Bo\Desktop\Alles\NI.LabVIEW.2014.SP1.v14.0.1.Incl.Keygen-AMPED\amped\crack\lc.exe [704512]
O61 - LFC: 2015/07/07 16:26:32 A . (..) -- C:\Users\Hamza Bo\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635718420290903895.bin [49305]
O61 - LFC: 2015/07/07 18:10:33 A . (..) -- C:\Users\Hamza Bo\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ Verbände Shell Laichen (O67) (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registrierungs-Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

---\\ Startmenü Internet (SMI) (O68) (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) -- C:\Windows\System32\ie4uinit.exe

---\\ Suche 'Ansteckung in Internet-Browsern (SBI) (O69) (4) - 2s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {3DAC8963-81C5-46F9-AAE3-993617663D98} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {E5292232-D977-4267-8D61-B0B80045F962} - (Bing) - http://www.bing.com/

---\\ Liste Dateien Crack & Keygen (CKF) (O82) (1) - 0s
O82 - LFC: 2015/07/02 18:24:13 N . (..) -- C:\Users\Hamza Bo\Desktop\Alles\NI.LabVIEW.2014.SP1.v14.0.1.Incl.Keygen-AMPED\amped\crack\lc.exe [704512] =>.Crack,Keygen

---\\ Liste den Dienststart von Svchost (SSS) (O83) (42) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) -- C:\WINDOWS\System32\certprop.dll [192000]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) -- C:\WINDOWS\System32\certprop.dll [192000]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Serverdienst-DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283648]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Gruppenrichtlinienclient.) -- C:\WINDOWS\System32\gpsvc.dll [1334272]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE-Erweiterung.) -- C:\WINDOWS\System32\ikeext.dll [958976]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Dienst, der IPv6-Konnektivität über ein IPv.) -- C:\WINDOWS\System32\iphlpsvc.dll [949760]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL für sekundären Anmeldedienst.) -- C:\WINDOWS\system32\seclogon.dll [31232]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Anwendungsinformationsdienst.) -- C:\WINDOWS\System32\appinfo.dll [93696]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI-Ermittlungsdienst.) -- C:\WINDOWS\system32\iscsiexe.dll [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost-Dienst.) -- C:\WINDOWS\System32\eapsvc.dll [112640]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Aufgabenplanungsdienst.) -- C:\WINDOWS\system32\schedsvc.dll [1166848]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [227840]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computersuchdienst-DLL.) -- C:\WINDOWS\System32\browser.dll [133120]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324608]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remotedesktop-Konfigurationsdienst.) -- C:\Windows\System32\SessEnv.dll [370688]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problemberichte und -lösungen.) -- C:\WINDOWS\System32\wercplsupport.dll [95744]
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [196096]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft®-Kontodienst.) -- C:\WINDOWS\system32\wlidsvc.dll [1789440]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft-Netzwerkkonnektivitäts-Assistent.) -- C:\WINDOWS\System32\ncasvc.dll [167424]
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Netzwerkeinrichtungsdienst.) -- C:\WINDOWS\System32\NetSetupSvc.dll [182272]
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1016320]
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Updatesitzung für Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [337408]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE-Dienst.) -- C:\WINDOWS\System32\bdesvc.dll [359424]
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [63488]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - RAS-Verwaltung für automatisches Wählen.) -- C:\WINDOWS\System32\rasauto.dll [106496]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - RAS-Verbindungsverwaltung.) -- C:\WINDOWS\System32\rasmans.dll [697344]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamischer Schnittstellen-Manager.) -- C:\Windows\System32\mprdim.dll [498688]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Benachrichtigungsdienst für Systemereigniss.) -- C:\WINDOWS\System32\sens.dll [72192]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT-Hilfskomponenten.) -- C:\WINDOWS\System32\ipnathlp.dll [451072]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft(R) Windows(R) Telefonieserver.) -- C:\Windows\System32\tapisrv.dll [311808]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update-Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2193408]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Intelligenter Hintergrundübertragungsdienst.) -- C:\WINDOWS\System32\qmgr.dll [1177088]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows-Shelldienste-DLL.) -- C:\Windows\System32\shsvcs.dll [592896]
O83 - Search Svchost Services: WalletSvc (WalletSvc) . (.Microsoft Corporation - Brieftaschen-Dienst.) -- C:\WINDOWS\system32\WalletService.dll [485376]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation-Dienst.) -- C:\Windows\System32\lfsvc.dll [32768]
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [876032]
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [803840]
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows-Verwaltungsdienst-DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [270848]
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - Benutzer-Manager.) -- C:\WINDOWS\System32\usermgr.dll [711680]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Geräteinstallations-Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [204288]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows-Shelldesigndienste-DLL.) -- C:\WINDOWS\system32\themeservice.dll [59392]
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1158656]

---\\ Allgemeinzustand der Dienste nicht Microsoft (GSR) (SR = Running, SS = Stopped) (33) - 12s
SS - Disabled [2015/03/07 00:22:00] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Disabled [2015/06/13 20:58:48] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - Disabled [2015/01/19 23:30:38] [ 77128] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - Disabled [2011/08/30 23:05:32] [ 462184] Dienst "Bonjour" (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Disabled [2012/06/05 15:56:28] [ 266240] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SS - Disabled [2015/06/09 21:15:38] [ 281488] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SS - Disabled [2015/06/12 21:30:40] [ 144200] Google Update-Dienst (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Disabled [2015/06/12 21:30:40] [ 144200] Google Update-Dienst (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Disabled [2015/02/13 13:08:44] [ 136120] Google Updater Service (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - Disabled [// ::] [ 319376] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\system32\igfxCUIService.exe
SS - Disabled [2015/04/07 00:28:50] [ 643880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - Disabled [2014/12/02 07:53:40] [ 695136] NI Citadel 4 Service (LkCitadelServer) . (.National Instruments, Inc..) - C:\Windows\SysWOW64\lkcitdl.exe
SS - Disabled [2014/06/09 00:55:10] [ 53032] NI PSP Service Locator (lkClassAds) . (.National Instruments Corporation.) - C:\Windows\SysWOW64\lkads.exe
SS - Disabled [2014/06/09 01:06:20] [ 63280] NI Time Synchronization (lkTimeSync) . (.National Instruments Corporation.) - C:\Windows\SysWOW64\lktsrv.exe
SS - Disabled [2015/06/18 08:39:46] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - Disabled [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - Disabled [2015/05/26 03:12:49] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - Disabled [2015/01/09 13:57:42] [ 84792] NI Configuration Manager (mxssvr) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
SS - Disabled [2014/11/21 11:35:48] [ 57184] NI Application Web Server (NIApplicationWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SS - Disabled [2014/11/21 11:35:48] [ 80736] NI Application Web Server (64-bit) (NIApplicationWebServer64) . (.National Instruments Corporation.) - C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SS - Disabled [2014/10/23 14:56:02] [ 569152] NI Authentication Service (niauth) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
SS - Disabled [2014/06/09 01:18:42] [ 394544] NI Domain Service (NIDomainService) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
SS - Disabled [2010/08/02 10:00:00] [ 1427688] NI License Server (NILM License Manager) . (.Macrovision Corporation.) - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
SS - Disabled [2014/06/06 18:12:20] [ 320368] NI mDNS Responder Service (nimDNSResponder) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
SS - Disabled [2014/06/19 23:16:02] [ 177536] NI Network Discovery (NINetworkDiscovery) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
SS - Disabled [2014/06/06 10:31:08] [ 89928] NI Service Locator (NiSvcLoc) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
SS - Disabled [2014/11/21 11:35:48] [ 57168] NI System Web Server (NISystemWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
SS - Disabled [2014/06/10 14:37:56] [ 692040] NI Variable Engine (NITaggerService) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
SS - Disabled [2013/05/21 21:24:58] [ 172832] OpcEnum (OpcEnum) . (.OPC Foundation.) - C:\Windows\SysWOW64\Opcenum.exe
SS - Disabled [// ::] [ 1017344] @C:\WINDOWS\system32\SensorDataService.exe,-101 (SensorDataService) . (...) - C:\WINDOWS\System32\SensorDataService.exe
SS - Demand [2010/02/19 13:37:14] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
S1 - Demand [2015/06/18 15:21:19] [ 14800] WiseHDInfo (WiseHDInfo) . (.wisecleaner.com.) - C:\Windows\WiseHDInfo64.dll
S1 - Auto [2014/10/16 09:11:30] [ 32456] Power Control [2015/06/06 00:59:18] ({C5F942FD-1110-4664-86CE-0C6BDA305235}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl

---\\ Zusätzliche Scan (O88) (5) - 0s
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-h.bouroum@outlook.de =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ParetoLogic =>PUP.Optional.Paretologic
HKCU\SOFTWARE\ParetoLogic =>PUP.Optional.Paretologic
C:\Users\Hamza Bo\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
C:\Users\Hamza Bo\AppData\Roaming\ParetoLogic =>PUP.Optional.Paretologic

---\\ Zusammenfassung der Erkennungen gefunden auf Ihrer workstation (2) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.Paretologic

~ End of the scan, 80682 items in 125 seconds (625)(1)()
