Pests of all kinds and how to fight them: Firewall can no longer be started, error code 0x8007042c (Windows 7) |
06.05.2015, 14:07 | #1 |
| Firewall can no longer be started, error code 0x8007042c Good day, I have discovered a problem, namely that I can no longer start my Windows Firewall. I have already gone through the steps on the Microsoft support pages, but it still does not work. I then scanned the computer with Malwarebytes, and a Trojan was found, which was deleted. Unfortunately, the problem still persists. I need help! Kind regards, Sinon |
06.05.2015, 14:07 | #2 |
/// the machine /// TB trainer | Firewall can no longer be started, error code 0x8007042c hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
06.05.2015, 14:17 | #3 |
| Firewall can no longer be started, error code 0x8007042c FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015
Ran by Tim (administrator) on TIM-PC on 06-05-2015 15:09:40
Running from C:\Users\Tim\Downloads
Loaded Profiles: Tim & Mutter & (Available profiles: Tim & Mutter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(LogMeIn, Inc.)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Akamai Technologies, Inc.) C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (GamersFirst) C:\Users\Tim\AppData\Local\GamersFirst\LIVE!\Live.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTHKSvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] () HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1557160 2012-04-09] (Ask) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) 
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation) HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess? HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Steam] => D:\Steam\steam.exe [2888384 2015-05-02] (Valve Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Software Suite SE] => C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2275360 2009-09-29] (Acer Incorporated) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-10-28] () HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\MountPoints2: {29bc1e75-6bb2-11e0-8c1c-806e6f6e6963} - E:\arun.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\MountPoints2: {44861a00-38a3-11e2-b7b7-1078d2eab5cf} - H:\Startme.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\MountPoints2: {469aff53-f626-11e3-891b-806e6f6e6963} - H:\XSManager.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => D:\Steam\steam.exe [2888384 2015-05-02] (Valve Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Software Suite SE] => C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2275360 2009-09-29] (Acer Incorporated) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-10-28] () HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {29bc1e75-6bb2-11e0-8c1c-806e6f6e6963} - E:\arun.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {44861a00-38a3-11e2-b7b7-1078d2eab5cf} - H:\Startme.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {469aff53-f626-11e3-891b-806e6f6e6963} - H:\XSManager.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ebbabdca-f100-11e1-97f1-1078d2eab5cf} - G:\setup.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\...\MountPoints2: {69157ac6-5122-11e3-9cc9-1078d2eab5cf} - H:\LGAutoRun.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] () HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {69157ac6-5122-11e3-9cc9-1078d2eab5cf} - H:\LGAutoRun.exe HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] () Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2012-10-16] ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Tim\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = webssearches HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847&q={searchTerms} HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847&q={searchTerms} HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? 
mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype URLSearchHook: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox SearchScopes: HKLM-x32 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = ${SEARCH_URL}{searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms} SearchScopes: HKLM-x32 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> 
{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> DefaultScope {3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847&q={searchTerms} SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1009 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-10] (Oracle Corporation) BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: StumbleUpon -> {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} -> C:\Users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll [2011-11-22] (StumbleUpon Inc.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation) Toolbar: HKLM-x32 - ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files (x86)\ChatZum Toolbar\tbunsiB6E5.tmp\tbcore3.dll [2012-11-15] () Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - No File DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 
{F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Winsock: Catalog5 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5-x64 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default FF NewTab: search.chatzum.com FF DefaultSearchEngine: Yahoo! FF DefaultSearchUrl: FF SelectedSearchEngine: Yahoo! 
FF Keyword.URL: hxxp://utils.chatzum.com/?url=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [2013-11-12] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2013-06-29] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-28] (Pando Networks)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-18] (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-06-29] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2013-07-16] ()
FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-28] (Pando Networks)
FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-28] (Pando Networks)
FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\chatzum.xml [2012-10-13]
FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\SearchTheWeb.xml [2012-04-06]
FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\Startpins.xml [2012-10-17]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-09-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2012-11-10]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml [2014-08-12]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com [2014-11-02]
FF Extension: Avira Browser Safety - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\abs@avira.com [2015-01-16]
FF Extension: Amazon-Icon - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\amazon-icon@giga.de [2014-08-12]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\crossriderapp2258@crossrider.com [2013-06-23]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\crossriderapp3491@crossrider.com [2013-06-23]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\ffxtlbra@softonic.com [2012-06-03]
FF Extension: ccoNtiinuetosavey - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\p.6hh@uyacthgta.co.uk [2013-06-23]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\specialsavings@superfish.com [2012-04-06]
FF Extension: StumbleUpon - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\toolbar@stumbleupon.com [2012-05-14]
FF Extension: QuickShare Widget - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{4ce84ad6-88cc-483b-871f-397ec28101aa} [2013-07-12]
FF Extension: ChatZum Toolbar - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [2013-06-23]
FF Extension: DealPly - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi [2012-02-18]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012-06-04]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-03-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles/95e71w6e.default\extensions\specialsavings@superfish.com
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles/95e71w6e.default\extensions\specialsavings@superfish.com [2012-04-06]
FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [Not Found]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-30]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-30]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-30]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-24]
CHR Extension: (Google Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-30]
CHR Extension: (No Name) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp [2013-09-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-16]
CHR Extension: (Bookmark Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (No Name) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-09-01]
CHR Extension: (No Name) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan [2013-07-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (No Name) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-09-01]
CHR Extension: (No Name) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-12]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Tim\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [Not Found]
CHR HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Tim\AppData\Local\Smartbar/Application\0Extension.crx [Not Found]
CHR HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Tim\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [Not Found]
CHR HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Tim\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ndkkhdppcfchlghnlhifennhcadbnfld] - C:\Users\Tim\AppData\Local\Temp\ccex.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Tim\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-11-05] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-01] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-12-27] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2013-12-27] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation) [File not signed]
R2 StumbleUponUpdater; C:\Users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 vToolbarUpdater11.0.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [932736 2012-04-29] ()
S2 wuauserv; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 wuauserv; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-18] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-18] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-06] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S4 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 15:09 - 2015-05-06 15:10 - 00049634 _____ () C:\Users\Tim\Downloads\FRST.txt
2015-05-06 15:09 - 2015-05-06 15:09 - 02101760 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2015-05-06 15:09 - 2015-05-06 15:09 - 00000000 ____D () C:\FRST
2015-05-06 14:48 - 2015-05-06 14:51 - 162818840 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\msert.exe
2015-05-06 14:44 - 2015-05-06 14:44 - 01010176 _____ () C:\Users\Tim\Downloads\MicrosoftFixit50884.msi
2015-05-06 14:06 - 2015-05-06 14:06 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\ParadoxInteractive
2015-05-06 13:47 - 2015-05-06 13:53 - 00000000 ____D () C:\Users\Tim\Desktop\Privat Wichtig
2015-05-06 13:46 - 2015-05-06 13:46 - 00000000 ____D () C:\Users\Tim\Desktop\Zuhause wichtig
2015-05-02 16:05 - 2015-05-02 16:05 - 00453296 _____ () C:\Windows\Minidump\050215-16177-01.dmp
2015-05-02 15:29 - 2015-05-02 15:29 - 00000000 ____D () C:\Users\Tim\AppData\Local\GamersFirst LIVE!
2015-05-02 15:25 - 2015-05-02 15:25 - 00603160 _____ () C:\Windows\Minidump\050215-14118-01.dmp
2015-05-02 15:04 - 2015-05-02 15:04 - 00000000 ____D () C:\Users\Tim\Documents\Respawn
2015-05-02 15:04 - 2011-06-11 00:15 - 05601616 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2015-05-02 15:04 - 2011-06-11 00:15 - 05574984 _____ (Microsoft Corporation) C:\Windows\system32\mfc100.dll
2015-05-02 15:04 - 2011-06-11 00:15 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2015-05-02 15:04 - 2011-06-11 00:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2015-05-02 15:04 - 2010-03-18 14:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2015-05-02 10:26 - 2015-05-02 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2015-05-02 04:45 - 2015-05-02 04:52 - 00000000 ____D () C:\Users\Tim\AppData\Local\Origin
2015-05-02 04:40 - 2015-05-02 04:45 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-05-02 04:40 - 2015-05-02 04:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-04-24 23:00 - 2015-04-24 23:00 - 00262144 _____ () C:\Windows\Minidump\042415-30357-01.dmp
2015-04-24 22:43 - 2015-04-24 22:43 - 00000000 ____D () C:\Users\Tim\AppData\Local\NVIDIA Corporation
2015-04-24 22:43 - 2015-03-28 05:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-04-24 22:43 - 2015-03-28 05:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-04-24 22:25 - 2015-04-24 22:25 - 00543400 _____ () C:\Windows\Minidump\042415-17565-01.dmp
2015-04-24 22:02 - 2015-04-24 22:02 - 00585544 _____ () C:\Windows\Minidump\042415-21933-01.dmp
2015-04-24 21:37 - 2015-04-24 21:37 - 00582584 _____ () C:\Windows\Minidump\042415-22089-01.dmp
2015-04-23 18:33 - 2015-04-23 18:33 - 00639104 _____ () C:\Windows\Minidump\042315-20794-01.dmp
2015-04-20 22:48 - 2015-04-20 22:48 - 00000000 _____ () C:\Windows\SysWOW64\sho4E5B.tmp
2015-04-17 19:16 - 2015-05-05 14:03 - 00000184 _____ () C:\Users\Tim\.packettracer
2015-04-17 19:16 - 2015-04-17 19:27 - 00000000 ____D () C:\Users\Tim\Cisco Packet Tracer 6.2sv
2015-04-17 19:15 - 2015-04-17 19:15 - 00001221 _____ () C:\Users\Tim\Desktop\Cisco Packet Tracer Student.lnk
2015-04-17 19:15 - 2015-04-17 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer Student
2015-04-17 19:15 - 2015-04-17 19:15 - 00000000 ____D () C:\Program Files (x86)\Cisco Packet Tracer 6.2sv
2015-04-12 17:27 - 2015-04-12 17:27 - 00000218 _____ () C:\Users\Tim\.recently-used.xbel
2015-04-11 04:23 - 2015-04-11 04:23 - 00005690 _____ () C:\Users\Tim\Documents\unturned backup synx.reg
2015-04-10 01:42 - 2015-04-10 01:42 - 00014764 _____ () C:\Users\Tim\Documents\unturned backup.reg
2015-04-09 16:11 - 2015-04-09 16:11 - 00001107 _____ () C:\Users\Public\Desktop\Avira.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 14:54 - 2011-08-25 07:29 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Skype
2015-05-06 14:53 - 2011-08-26 16:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 14:51 - 2011-10-16 12:31 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TS3Client
2015-05-06 14:43 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 14:43 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 14:40 - 2013-01-23 15:16 - 00000000 ____D () C:\Users\Tim\AppData\Local\Updater3491
2015-05-06 14:40 - 2012-12-07 21:19 - 00000000 ____D () C:\Users\Tim\AppData\Local\VisualBeeExe
2015-05-06 14:40 - 2012-12-07 21:19 - 00000000 ____D () C:\ProgramData\VisualBee
2015-05-06 14:40 - 2012-11-15 22:55 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2015-05-06 14:40 - 2012-11-02 16:00 - 00000000 ____D () C:\Users\Tim\AppData\Local\CRE
2015-05-06 14:40 - 2012-10-26 21:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-06 14:40 - 2012-05-17 21:47 - 00000000 ____D () C:\Program Files\Web Assistant
2015-05-06 14:40 - 2012-04-06 23:17 - 00000000 ____D () C:\Program Files (x86)\SpecialSavings
2015-05-06 14:40 - 2012-03-28 16:47 - 00000000 ____D () C:\Program Files (x86)\Searchqu Toolbar
2015-05-06 14:32 - 2015-01-18 15:10 - 00000000 ____D () C:\Users\Tim\Downloads\Age Of Empires II HD [MULTI2][RELOADED][WwW.GamesTorrents.CoM]
2015-05-06 14:06 - 2014-11-01 15:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 14:06 - 2014-11-01 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-06 14:06 - 2014-11-01 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-06 14:06 - 2013-12-06 19:32 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-06 14:06 - 2013-04-20 16:46 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-06 14:06 - 2012-09-30 16:44 - 00113370 _____ () C:\Windows\WindowsUpdate.log
2015-05-06 14:06 - 2010-11-05 04:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-06 14:03 - 2013-08-29 22:57 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-05-06 13:54 - 2012-09-04 17:58 - 00000000 ____D () C:\Users\Tim\Desktop\Spiele
2015-05-06 13:53 - 2012-03-31 17:51 - 00000000 ____D () C:\Users\Tim\Desktop\bilder
2015-05-06 13:51 - 2012-04-20 21:54 - 00000000 ____D () C:\Users\Tim\Desktop\Meine musik
2015-05-06 13:41 - 2014-01-20 20:40 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-06 13:35 - 2011-10-22 17:42 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-05 20:56 - 2011-09-04 20:58 - 00000000 ____D () C:\Users\Tim\AppData\Local\CrashDumps
2015-05-05 18:59 - 2011-08-26 16:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 17:45 - 2012-06-22 17:31 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2015-05-05 14:27 - 2012-09-30 16:27 - 00191975 _____ () C:\Windows\setupact.log
2015-05-05 13:55 - 2015-01-16 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 13:52 - 2015-01-16 15:05 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 13:52 - 2015-01-16 15:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 16:09 - 2011-03-17 21:17 - 00710954 _____ () C:\Windows\system32\perfh007.dat
2015-05-04 16:09 - 2011-03-17 21:17 - 00155026 _____ () C:\Windows\system32\perfc007.dat
2015-05-04 16:09 - 2009-07-14 07:13 - 01653064 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 19:08 - 2013-03-11 16:31 - 00000000 ____D () C:\ProgramData\Origin
2015-05-03 14:22 - 2011-09-23 23:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\PMB Files
2015-05-03 13:49 - 2013-08-16 22:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-03 13:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-03 05:20 - 2012-02-03 17:02 - 00009774 _____ () C:\Windows\WinInit.Ini
2015-05-02 16:10 - 2011-04-21 03:08 - 00000000 ____D () C:\ProgramData\Skype
2015-05-02 16:05 - 2015-04-05 06:12 - 455928493 _____ () C:\Windows\MEMORY.DMP
2015-05-02 16:05 - 2013-06-25 20:22 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 15:25 - 2012-09-30 16:27 - 02245472 _____ () C:\Windows\PFRO.log
2015-05-02 10:26 - 2011-10-09 11:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-02 09:44 - 2012-10-10 23:34 - 00382258 _____ () C:\Windows\DirectX.log
2015-05-02 04:45 - 2013-03-11 16:34 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Origin
2015-05-02 04:29 - 2012-10-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Kalypso Media
2015-05-02 04:26 - 2012-06-03 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
2015-05-02 04:25 - 2011-12-18 15:05 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SoftGrid Client
2015-04-30 20:40 - 2012-10-26 21:00 - 00424288 _____ () C:\Windows\DPINST.LOG
2015-04-30 20:40 - 2012-09-06 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-04-25 19:20 - 2013-07-06 16:12 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.technic
2015-04-25 19:11 - 2012-09-27 17:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.techniclauncher
2015-04-24 22:48 - 2013-08-03 01:28 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2015-04-24 22:43 - 2013-08-28 20:00 - 00000000 ____D () C:\Users\Tim\AppData\Local\NVIDIA
2015-04-24 22:43 - 2013-08-16 22:02 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-24 22:43 - 2011-04-21 02:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-24 22:43 - 2011-04-21 02:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-24 22:42 - 2015-02-20 01:12 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-04-24 22:38 - 2015-02-20 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-04-23 20:13 - 2012-06-11 19:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\FileZilla
2015-04-17 19:16 - 2011-08-25 00:23 - 00000000 ____D () C:\Users\Tim
2015-04-15 13:40 - 2012-10-26 21:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 13:40 - 2012-10-26 21:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 13:40 - 2011-08-26 16:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 17:27 - 2014-08-27 18:41 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\gedit
2015-04-12 17:27 - 2014-08-27 17:47 - 00000000 ____D () C:\Users\Tim\.gconfd
2015-04-12 17:27 - 2014-08-27 17:47 - 00000000 ____D () C:\Users\Tim\.gconf
2015-04-11 23:24 - 2014-11-19 16:45 - 00000000 ____D () C:\Users\Tim\.VirtualBox
2015-04-09 16:11 - 2015-01-16 15:01 - 00000000 ____D () C:\Program Files (x86)\Avira

==================== Files in the root of some directories =======

2012-05-29 19:22 - 2012-05-29 19:30 - 0002372 _____ () C:\Users\Tim\AppData\Roaming\result.db
2012-11-17 17:51 - 2012-12-02 18:38 - 0581168 _____ () C:\Users\Tim\AppData\Roaming\technic-launcher.jar
2012-11-17 17:51 - 2012-11-17 17:51 - 0579274 _____ () C:\Users\Tim\AppData\Roaming\technic-launcher.jar.bak
2013-02-25 21:00 - 2013-02-25 21:00 - 0000000 _____ () C:\Users\Tim\AppData\Roaming\technic-launcher.jar.temp
2012-05-19 14:05 - 2013-04-29 16:50 - 0000600 _____ () C:\Users\Tim\AppData\Roaming\winscp.rnd
2012-03-25 17:02 - 2012-03-25 17:02 - 0000091 _____ () C:\Users\Tim\AppData\Local\fusioncache.dat
2013-02-04 19:13 - 2013-02-04 19:13 - 0000036 _____ () C:\Users\Tim\AppData\Local\housecall.guid.cache
2012-06-03 15:00 - 2012-06-03 15:30 - 0000786 _____ () C:\Users\Tim\AppData\Local\PMB Files.聰an
2012-09-13 18:38 - 2014-07-07 18:09 - 0000600 _____ () C:\Users\Tim\AppData\Local\PUTTY.RND
2015-03-05 16:11 - 2015-03-19 18:07 - 0007599 _____ () C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2011-12-11 11:20 - 2011-12-11 11:20 - 0000000 _____ () C:\Users\Tim\AppData\Local\{424F20BB-2050-451E-A65D-912DCA8D43CF}
ZeroAccess: C:\$Recycle.Bin\S-1-5-21-4287805056-2247546581-1725692130-1001\$1aa914ecf3b5e394aa78297c9342598c
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c

Some content of TEMP:
====================
C:\Users\Mutter\AppData\Local\Temp\avgnt.exe
C:\Users\Mutter\AppData\Local\Temp\bfguni.exe
C:\Users\Mutter\AppData\Local\Temp\dufgmr4c.exe
C:\Users\Mutter\AppData\Local\Temp\soiygu3.exe
C:\Users\Tim\AppData\Local\Temp\55ca504aac49333397fe479deb5c7b7c.dll
C:\Users\Tim\AppData\Local\Temp\7z.dll
C:\Users\Tim\AppData\Local\Temp\afgytdrp.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_109136_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_114872_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_117081_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_123326_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_128721_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_130027_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_150910_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_162427_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_174814_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_180471_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_21956_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_251389_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_256465_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_267606_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_272518_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_306852_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_330463_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_338666_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_341608_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_350210_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_358144_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_362698_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_4001_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_400305_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_404027_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_433201_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_475957_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_48055_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_497234_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_515542_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_565034_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_576759_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_58682_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_589879_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_626285_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_649975_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_651552_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_699983_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_722687_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_729132_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_730147_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_756803_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_779645_setup.exe
C:\Users\Tim\AppData\Local\Temp\afgytdrp_78772_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_789480_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_808149_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_829703_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_845896_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_887991_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_902942_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_916882_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_927550_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_958797_setup.exe C:\Users\Tim\AppData\Local\Temp\afgytdrp_998646_setup.exe C:\Users\Tim\AppData\Local\Temp\amazonicon_v8.exe C:\Users\Tim\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Tim\AppData\Local\Temp\avgnt.exe C:\Users\Tim\AppData\Local\Temp\bfguni.exe C:\Users\Tim\AppData\Local\Temp\CH.dll C:\Users\Tim\AppData\Local\Temp\CoJBiBLauncher.exe C:\Users\Tim\AppData\Local\Temp\detectionapi_rd.dll C:\Users\Tim\AppData\Local\Temp\detectionui_r.exe C:\Users\Tim\AppData\Local\Temp\directx10tests_rd.dll C:\Users\Tim\AppData\Local\Temp\directx11tests_rd.dll C:\Users\Tim\AppData\Local\Temp\directx9tests_rd.dll C:\Users\Tim\AppData\Local\Temp\dufgmr4c.exe C:\Users\Tim\AppData\Local\Temp\gu64cd7.exe C:\Users\Tim\AppData\Local\Temp\htmlayout.dll C:\Users\Tim\AppData\Local\Temp\i4jdel0.exe C:\Users\Tim\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll C:\Users\Tim\AppData\Local\Temp\jna1101498630185197989.dll C:\Users\Tim\AppData\Local\Temp\jna1210596943680424389.dll C:\Users\Tim\AppData\Local\Temp\jna1292294944839020467.dll C:\Users\Tim\AppData\Local\Temp\jna153262720220404931.dll C:\Users\Tim\AppData\Local\Temp\jna1651984554571406499.dll C:\Users\Tim\AppData\Local\Temp\jna1916980782641634547.dll C:\Users\Tim\AppData\Local\Temp\jna1940644218735386857.dll C:\Users\Tim\AppData\Local\Temp\jna3025547219810494680.dll C:\Users\Tim\AppData\Local\Temp\jna3928675742867850066.dll 
C:\Users\Tim\AppData\Local\Temp\jna4009740717899516994.dll C:\Users\Tim\AppData\Local\Temp\jna4345419081856247210.dll C:\Users\Tim\AppData\Local\Temp\jna4548586458236250842.dll C:\Users\Tim\AppData\Local\Temp\jna5017778874159931800.dll C:\Users\Tim\AppData\Local\Temp\jna5440727853953731935.dll C:\Users\Tim\AppData\Local\Temp\jna5510204881371804531.dll C:\Users\Tim\AppData\Local\Temp\jna5961313665843189284.dll C:\Users\Tim\AppData\Local\Temp\jna5987834140924202263.dll C:\Users\Tim\AppData\Local\Temp\jna6029652907971955699.dll C:\Users\Tim\AppData\Local\Temp\jna7153932798563309462.dll C:\Users\Tim\AppData\Local\Temp\jna8433967730932210679.dll C:\Users\Tim\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Tim\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tim\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tim\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Tim\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe C:\Users\Tim\AppData\Local\Temp\kjfytdrp.exe C:\Users\Tim\AppData\Local\Temp\lgps_lgps.exe C:\Users\Tim\AppData\Local\Temp\local.dll C:\Users\Tim\AppData\Local\Temp\NGMDll.dll C:\Users\Tim\AppData\Local\Temp\NGMResource.dll C:\Users\Tim\AppData\Local\Temp\NGMSetup.exe C:\Users\Tim\AppData\Local\Temp\nvStInst.exe C:\Users\Tim\AppData\Local\Temp\ping.exe C:\Users\Tim\AppData\Local\Temp\sdanircmdc.exe C:\Users\Tim\AppData\Local\Temp\sdapskill.exe C:\Users\Tim\AppData\Local\Temp\sdaspwn.exe C:\Users\Tim\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Tim\AppData\Local\Temp\SendMsg.dll C:\Users\Tim\AppData\Local\Temp\setup_ex.exe C:\Users\Tim\AppData\Local\Temp\sevnz.exe C:\Users\Tim\AppData\Local\Temp\SkypeSetup.exe C:\Users\Tim\AppData\Local\Temp\soiygu3.exe C:\Users\Tim\AppData\Local\Temp\sonarinst.exe C:\Users\Tim\AppData\Local\Temp\sy94bur6.exe C:\Users\Tim\AppData\Local\Temp\tbDVDV.dll C:\Users\Tim\AppData\Local\Temp\tmp48EC.tmp.exe C:\Users\Tim\AppData\Local\Temp\tmp48ED.tmp.exe 
C:\Users\Tim\AppData\Local\Temp\tmpC4A6.tmp.exe C:\Users\Tim\AppData\Local\Temp\tmpC4A7.tmp.exe C:\Users\Tim\AppData\Local\Temp\ubi2151.tmp.exe C:\Users\Tim\AppData\Local\Temp\ubi5F94.tmp.exe C:\Users\Tim\AppData\Local\Temp\ubi75D5.tmp.exe C:\Users\Tim\AppData\Local\Temp\unicows.dll C:\Users\Tim\AppData\Local\Temp\uninst1.exe C:\Users\Tim\AppData\Local\Temp\uninstall1327833.exe C:\Users\Tim\AppData\Local\Temp\update.exe C:\Users\Tim\AppData\Local\Temp\Updater.exe C:\Users\Tim\AppData\Local\Temp\uttBD30.tmp.exe C:\Users\Tim\AppData\Local\Temp\uttC3E5.tmp.exe C:\Users\Tim\AppData\Local\Temp\uttE1C.tmp.exe C:\Users\Tim\AppData\Local\Temp\vpbypc35.exe C:\Users\Tim\AppData\Local\Temp\vrtytdrp.exe C:\Users\Tim\AppData\Local\Temp\YgoUpdater.exe C:\Users\Tim\AppData\Local\Temp\YTDownloaderFull.exe C:\Users\Tim\AppData\Local\Temp\YTDUninst.exe C:\Users\Tim\AppData\Local\Temp\ytd_bu10_setup(1).exe C:\Users\Tim\AppData\Local\Temp\_isBEAD.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-25 10:10

==================== End Of Log ============================ |
06.05.2015, 14:31 | #4 |
| Firewall can no longer be started, error code 0x8007042c Addition
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015
Ran by Tim at 2015-05-06 15:10:33
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4287805056-2247546581-1725692130-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4287805056-2247546581-1725692130-1005 - Limited - Enabled)
Gast (S-1-5-21-4287805056-2247546581-1725692130-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4287805056-2247546581-1725692130-1002 - Limited - Enabled)
Mutter (S-1-5-21-4287805056-2247546581-1725692130-1009 - Administrator - Enabled) => C:\Users\Mutter
Tim (S-1-5-21-4287805056-2247546581-1725692130-1001 - Administrator - Enabled) => C:\Users\Tim

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Akamai NetSession Interface (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
Alpha Protocol (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Alpha Protocol (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artist Colony (HKLM-x32\...\BFG-Artist Colony) (Version: - )
ArtMoney SE v7.41 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.41 - System SoftLab)
AudioConverter Studio 8.1 (HKLM-x32\...\AudioConverter Studio_is1) (Version: - ManiacTools.com)
AVG 2013 (Version: 13.0.2591 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Azada (HKLM-x32\...\BFG-Azada) (Version: - )
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.1 - EA Digital Illusions CE AB)
Baumaschinen Simulator 2011 Version 1.1 (HKLM-x32\...\{219AE2B6-DDB2-4A0B-B092-AD6337EA72BA}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BigMacroTool 1.5 (HKLM-x32\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version: - TLProd)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
BrickForce 1.9.87 (HKLM-x32\...\BrickForce) (Version: 1.9.87 - Infernum Productions AG)
Bridge Constructor v1.2 (HKLM-x32\...\Bridge Constructor_is1) (Version: 1.2 - )
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bus-Simulator 2008 (HKLM-x32\...\Bus-Simulator 2008_is1) (Version: - astragon Software GmbH)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward - Sledgehammer Games)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez - Bound in Blood (x32 Version: 1.00.0000 - Ubisoft) Hidden
Call of Juarez (HKLM-x32\...\InstallShield_{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}) (Version: 1.1.1.0 - Ubisoft)
Call of Juarez (x32 Version: 1.1.1.0 - Ubisoft) Hidden
Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version: - PlayWay S.A.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
ChatZum Toolbar (HKLM-x32\...\ChatZum Toolbar) (Version: 1.0.14 - ChatZum)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Packet Tracer 6.2 Student (HKLM-x32\...\Cisco Packet Tracer 6.2 Student_is1) (Version: - Cisco Systems, Inc.)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CraftBukkit (HKLM-x32\...\{5C13C5F3-6E30-449F-8872-DF8AC35AE285}_is1) (Version: RB - Fateful Productions)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Realm: Königin der Flammen (HKLM-x32\...\BFG-Dark Realm - Koenigin der Flammen) (Version: - )
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version: - )
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version: - dtp)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios)
Dragon's Prophet (EU) (HKLM-x32\...\Steam App 259020) (Version: - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - )
DUNGEONS Game of the Year edition (HKLM-x32\...\{B6505079-4610-4434-9558-53D7F9CBF6B3}) (Version: 1.3.3.0 - Realmforge Studios GmbH)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Emergency 2012 (HKLM-x32\...\Emergency 2012) (Version: - Quadriga Games GmbH)
Emergency 2013 (HKLM-x32\...\Emergency 2013) (Version: - Quadriga Games)
Emergency 2014 (HKLM-x32\...\Emergency 2014) (Version: - Quadriga Games)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
FileZilla Client 3.9.0.5 (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FileZilla Client 3.9.0.5 (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
fTalk (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\fTalk) (Version: 3.0.0.3076 - Bandoo Media Inc) <==== ATTENTION
fTalk (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\fTalk) (Version: 3.0.0.3076 - Bandoo Media Inc) <==== ATTENTION
GamersFirst LIVE! (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\GamersFirst LIVE!) (Version: - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version: - GamersFirst)
GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
gedit 2.30.1 (HKLM-x32\...\gedit_is1) (Version: 2.30.1 - GNOME)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Great Adventures: Lost in Mountains (HKLM-x32\...\BFG-Great Adventures - Lost in Mountains) (Version: - )
Hacker Evolution: Untold - Demo (HKLM-x32\...\Steam App 70140) (Version: - exosyphen studios)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Packard Bell)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
inCloak VPN (HKLM-x32\...\{23493C78-637B-4A3F-BE08-CE9A2E6241A9}) (Version: 1.03 - Your Company Name)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Kane and Lynch: Dead Men (HKLM-x32\...\{A66C4716-7E10-4A53-8101-00C3C11D6A9C}) (Version: 1.00.0000 - Eidos)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LOGO!Soft Comfort V7.0 (HKLM\...\LOGO!Soft Comfort V7.0 ) (Version: 7.0.0.0 - Siemens AG)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Magicka 2 Sneak Peek (HKLM-x32\...\Steam App 351950) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{2BF9702B-52EE-4841-83C4-B5E640B6C97A}) (Version: 2.2.223 - Sony)
Media Go Video Playback Engine 1.96.115.08260 (HKLM-x32\...\{065DBB54-6E55-A609-2E1E-F0617E827D53}) (Version: 1.96.115.08260 - Sony)
MEDUSA NX USB 5.1 Gaming Headset (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 6.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 de)) (Version: 6.0.2 - Mozilla)
Mozilla Thunderbird 12.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 12.0.1 (x86 de)) (Version: 12.0.1 - Mozilla)
Mp3tag v2.53 (HKLM-x32\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{4e606022-ef9e-4620-8da4-823684f99fef}) (Version: - Nero AG)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{be322306-587c-4462-b7d2-86566d8bb6d9}) (Version: latest - ppy Pty Ltd)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0825.2010 - Packard Bell )
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3003 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Patrizier IV (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.3.0.0 - Kalypso Media)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - Overkill)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - )
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayLinc (HKLM-x32\...\{6EEAB9B3-1F74-4DC5-8D71-6CA0E2769E9B}) (Version: 2.5.2 - SCI)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.9.4.14625 - Sony Computer Entertainment Inc.)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polarity version 1.0 (HKLM-x32\...\{FE5BB6CA-7A9B-4CCE-90BC-470D06BDFAA9}_is1) (Version: 1.0 - GP Games)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PPSSPP version 0.9.8 (HKLM-x32\...\PPSSPP_is1) (Version: 0.9.8 - )
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickShare (HKLM-x32\...\{57EA96CA-4648-4CB3-8594-3E1A9E37E86F}) (Version: 1.6.1.872 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Reader for PC (HKLM-x32\...\{11CBB0F5-989E-4B16-AE7E-D569AC4BF241}) (Version: 2.0.02.15180 - Sony Corporation)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
Rise of the Triad (HKLM-x32\...\Steam App 217140) (Version: - Interceptor Entertainment)
Risen - ModStarter 1.3.4.1 (Online Mods DB version) (HKLM-x32\...\Risen - ModStarter_is1) (Version: - LordOfWAR(WorldOfRisen.de), Odin68(Mighty DWARF Mod-Team))
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Roads Of Rome (HKLM-x32\...\Roads Of Rome_is1) (Version: - Realore Studios)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version: - Roccat GmbH)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
Sanny Builder 3.08 (HKLM-x32\...\Sanny Builder 3_is1) (Version: - )
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - )
Search Protection (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Search Protection) (Version: 10.6.0.1 - Spigot, Inc.) <==== ATTENTION
Search Protection (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Search Protection) (Version: 10.6.0.1 - Spigot, Inc.) <==== ATTENTION
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{0FC86BBD-9912-437D-8B92-D70A6FD63DCF}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Sound Blaster Tactic(3D) Alpha (HKLM-x32\...\{2226247D-9846-4370-A1EF-FAA6958F7632}) (Version: 1.0 - Creative Technology Limited)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
stunnel (HKLM-x32\...\stunnel) (Version: - )
Supraball (HKLM-x32\...\Steam App 321400) (Version: - )
SweetIM for Messenger 3.7 (HKLM-x32\...\{7683B745-6060-41FD-AA75-0BBB383FEAD4}) (Version: 3.7.0005 - SweetIM Technologies Ltd.)
<==== ATTENTION swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Expendabros (HKLM-x32\...\Steam App 312990) (Version: - Free Lives) The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd) The Island Castaway (HKLM-x32\...\TheIslandCastaway) (Version: - ) The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version: - Arrowhead Game Studios) The War Z (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) Tom Clancy's Ghost Recon Advanced Warfighter® 2 (HKLM-x32\...\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}) (Version: 1.00.0000 - UBISOFT) Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) 
<==== ATTENTION Updater (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION Updater (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION Updater (HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION Updater (HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft) Uplink (HKLM-x32\...\Steam App 1510) (Version: - Introversion Software) Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VirtualDJ PRO Full (HKLM-x32\...\{82BEEB3F-D0BF-42EE-8739-F4827C4805B7}) (Version: 7.0.4 - Atomix Productions) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\VisualBee for Microsoft PowerPoint) (Version: V3.6 - VisualBee.com) Vittalia Installer (HKLM-x32\...\Vittalia) (Version: 1.0 - www.FILEWIN.com) <==== ATTENTION VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN) Web Assistant 2.0.0.600 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.600 - IncrediBar) <==== ATTENTION Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3005 - Packard Bell) WildTangent Games App (Packard Bell Games) 
(HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.5.31 - WildTangent) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED) <==== ATTENTION WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION Zoo Empire (HKLM-x32\...\BFG-Zoo Empire) (Version: - ) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

02-05-2015 09:42:06 DirectX wurde installiert
06-05-2015 13:56:49 Removed Aeria Ignite
06-05-2015 14:04:14 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
06-05-2015 14:05:39 Removed S4 League_EU
06-05-2015 14:06:21 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
06-05-2015 14:44:54 Installed Microsoft Fix it 50884

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-11-01 15:00 - 00001297 ____A C:\Windows\system32\Drivers\etc\hosts
255.255.255.255 easyanticheat.se # misleading site
255.255.255.255 www.easyanticheat.se # misleading site
255.255.255.255 easyanticheat.com # misleading site
255.255.255.255 www.easyanticheat.com # misleading site
255.255.255.255 easyanticheat.info # misleading site
255.255.255.255 www.easyanticheat.info # misleading site
255.255.255.255 easyanticheat.org # misleading site
255.255.255.255 www.easyanticheat.org # misleading site

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0425BFF7-3C2B-4134-8BD0-D4C6D0DCDC67} - System32\Tasks\{B44B2322-D170-4C8F-AAB3-34342C17D7C3} => C:\Riot Games\League of Legends\lol.launcher.exe [2011-04-28] () Task: {07BB6F8D-5502-4504-AEEC-F200BAE532DE} - System32\Tasks\{B94942BD-4E0C-407C-AAC0-09230552462F} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {0E3A7364-A561-4104-A7C6-F563952A487F} - System32\Tasks\{153E3B81-1C75-4AE9-930D-5187350CAD8F} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {1C8974A0-ADEE-4C41-AA05-1A1B3440B051} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd) Task: {23E8E418-7EBE-4D94-8425-E13654C54336} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {260EB22E-41EE-42C5-931B-6AEFF66B197F} - System32\Tasks\{8D19657B-70CA-470F-9A8D-1347FAC30D9A} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {27090533-2E3E-43D7-A3AF-926008C2A2F2} - System32\Tasks\{01D21C21-80E8-4E0D-A425-DD6181C1089A} => E:\ShelExec.exe Task: {279D4126-EC09-43B6-B39A-4AFD7566E9CA} - System32\Tasks\{A2410DB4-56AA-422D-BBFE-81399F63E5D1} => pcalua.exe -a "D:\Users\Tim\AppData\Local\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\Users\Tim\AppData\Local\TeamSpeak 3 Client\plugins\ts3overlay\" -c 10000 Task: {307F77B3-B916-4721-9E36-8D34935C3277} - System32\Tasks\{638238E2-685D-4A80-99E9-7EBB6A0280B8} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {36D1972D-4385-4019-B191-65B825604951} - System32\Tasks\{B5540E01-6EFE-4A48-8272-90811766710C} => pcalua.exe -a E:\SimsMedievalSetup.exe -d E:\ Task: {4120934B-E10F-4995-A39D-A44B855AA248} - System32\Tasks\{41755917-9839-4580-90DB-A77D2C5E4AC5} => C:\Program Files (x86)\vpn\Start.exe [2015-02-10] (inCloak Network Ltd.) 
Task: {42096CEE-1B3C-4E56-A93C-D3D82B55DB56} - System32\Tasks\{5A24FCE3-D728-42D0-A2B3-18310956A3F8} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {4A0C5322-6007-40CD-BC10-48849E12F620} - System32\Tasks\FFMPEGUpd => C:\PROGRA~2\FFMPEG\FFMPEG~1.EXE Task: {532A8B08-3649-435A-ACFC-4520C5F1B506} - System32\Tasks\{476619E9-1B35-4B9C-86D4-959D726B1EF7} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {55CDFE24-4989-40C2-9038-76BA6BDDC8D7} - System32\Tasks\{B91AB9B7-94FC-4FF7-AAAE-69CA31377952} => pcalua.exe -a C:\Users\Tim\Desktop\Emulator\ePSXe.exe -d C:\Users\Tim\Desktop\Emulator Task: {5C20FA60-C365-4E69-9B33-DA8ACE99449F} - \GoforFilesUpdate No Task File <==== ATTENTION Task: {5CCE660E-A7EB-42CD-B652-A0FC8ADFB8D2} - \VisualBeeRecovery No Task File <==== ATTENTION Task: {5EBB951C-47D1-4B77-BE08-6AE938AF129A} - System32\Tasks\{C8A33CDA-7909-44BD-8500-0AA926B99F82} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {60A12422-E0B5-4C7B-BD98-A939320E871D} - \Updater3491.exe No Task File <==== ATTENTION Task: {60A2846B-0136-4B43-B060-934482399A80} - \SMupdate1 No Task File <==== ATTENTION Task: {60E11A1B-E045-4E46-B9F0-3C1FF0572D8A} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION Task: {63F48CF1-5994-4DE7-A68A-38638840FD41} - System32\Tasks\{3823B102-8117-411F-8D0B-5396FE7EAA42} => pcalua.exe -a D:\Steam\steam.exe -c steam://uninstall/6860 Task: {65E4A204-35B1-43B5-AFEA-37A604A4CAB9} - System32\Tasks\{6F242E5A-A9D2-4B60-A562-CDACC488F897} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/35110 Task: {6CCE4D9B-6774-41E7-9AC1-8CC48CF4E354} - System32\Tasks\{B6051D3F-FB31-442A-98CF-F89F65EA719B} => D:\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe [2013-08-17] (EA Digital Illusions CE AB) Task: {6CD3ED26-E25A-4B40-BE8B-2D7407211E54} - System32\Tasks\{5185A404-927F-4C93-9F12-9CFC6F5A4BA1} => pcalua.exe -a 
C:\ProgramData\{5F9E318F-6857-4A05-90D8-6E92501E2136}\LiveZilla_3.3.2.2_Full.exe -c REMOVE=TRUE MODIFY=FALSE Task: {76FC08B9-FD11-4FD4-A93B-633286B24343} - System32\Tasks\{8A537692-3E07-4997-ABDA-C220F574FE3D} => C:\Program Files (x86)\Anno 1701\Anno1701.exe Task: {7C9C92E0-550F-4829-9D51-08B17B619A18} - System32\Tasks\{6B568C2E-E65B-4E1D-BFEF-F895FC4F7C5C} => pcalua.exe -a "C:\Users\Tim\Desktop\Minecraft Modinstaller für Minimap Mod 1.2.5\Installer Only Windows.exe" -d "C:\Users\Tim\Desktop\Minecraft Modinstaller für Minimap Mod 1.2.5" Task: {8B60701C-2CF3-4055-B7E5-0DF3C109440E} - System32\Tasks\{499ABA23-A28A-41E6-893F-8290B05110A7} => pcalua.exe -a C:\Users\Tim\AppData\Local\Temp\Rar$EXa0.376\DirectX\DXSetup.exe -d C:\Users\Tim\AppData\Local\Temp\Rar$EXa0.376 Task: {8DD9E939-D7ED-4A55-B892-481FBABCDE69} - System32\Tasks\{51A77C4B-07B9-4117-806B-41D247C3E0AE} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {9DA6FD2A-61D0-40BD-B200-B26981706264} - System32\Tasks\{13D0AC58-02F7-40F1-984E-B64D752A9686} => pcalua.exe -a C:\ProgramData\{5F9E318F-6857-4A05-90D8-6E92501E2136}\LiveZilla_3.3.2.2_Full.exe -c REMOVE=TRUE MODIFY=FALSE Task: {B48C7D42-FAB3-4918-9806-21DFB9670D3F} - System32\Tasks\{71C6D839-CF08-48A5-8A22-596D43A9F7CF} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {B4B292B0-B32F-4A2B-AD4A-7C41F4B41E28} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {BCF7DDBE-830B-4FDB-8226-8FFECFE05859} - System32\Tasks\{1E6DB138-1570-4C35-9A04-450522EA093F} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {C3024297-13B0-4FA6-AA42-4609B0570BB3} - System32\Tasks\{42611867-8B6E-4DE8-ABF1-4B72C4E61ADB} => pcalua.exe -a "C:\Users\Tim\Desktop\minecraft\Minecraft Modinstaller für Minimap Mod 1.2.5\Installer Only Windows.exe" -d "C:\Users\Tim\Desktop\minecraft\Minecraft Modinstaller für Minimap Mod 1.2.5" Task: {C6BE480D-FA5F-4805-9EDD-48D04834C275} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {D69F8BE0-70DD-402F-97DA-C34EEAC6D3B7} - System32\Tasks\{EFD1781B-4A58-49F7-88B3-DFE310147975} => pcalua.exe -a "C:\Users\Tim\Downloads\Zombe Mod Installer.exe" -d C:\Users\Tim\Downloads Task: {E0753B3C-AB71-46EB-B1A4-767201F18E06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {EC986B8F-F825-4294-888D-4E6BB9C4F3C4} - System32\Tasks\{7ABA7BBC-70C4-4D5A-927A-8EA617E7CD56} => C:\Users\Tim\Desktop\GTA San Andreas\gta_sa.exe Task: {F3ECD103-4BC7-4771-947F-962AED62A57E} - System32\Tasks\{A16B9C10-BE8A-498C-80A3-06E283A846E2} => E:\ShelExec.exe Task: {FAC4D579-0D41-452B-958D-48BE16F8DEAF} - \DealPlyUpdate No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2011-04-07 23:19 - 2013-06-21 12:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-06-03 18:25 - 2013-12-27 00:14 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2012-06-03 18:25 - 
2013-12-27 00:19 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2011-11-22 10:59 - 2011-11-22 10:59 - 00018432 _____ () C:\Users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe 2012-04-29 21:42 - 2012-04-29 21:42 - 00932736 ____N () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-09-28 20:19 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2010-08-04 14:40 - 2010-08-04 14:40 - 00611872 _____ () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe 2012-10-26 20:59 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-08-04 15:43 - 2014-08-04 15:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-08-04 15:43 - 2014-08-04 15:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-08-04 15:46 - 2014-08-04 15:46 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-08-04 15:46 - 2014-08-04 15:46 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 
Client\accessible\qtaccessiblewidgets.dll 2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-04-24 22:43 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2008-06-05 08:01 - 2008-06-05 08:01 - 00344064 _____ () C:\Program Files (x86)\Packard Bell\Software Suite SE\sqlite3.dll 2012-10-26 20:59 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2012-10-26 20:59 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2013-04-19 15:15 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2013-03-18 15:46 - 2013-03-18 15:46 - 00606720 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2012-04-27 00:38 - 2012-04-27 00:38 - 20758016 _____ () C:\Users\Tim\AppData\Local\GamersFirst\LIVE!\libcef.dll 2010-08-04 11:47 - 2010-08-04 11:47 - 00144896 _____ () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyHook.dll 2013-03-18 13:56 - 2013-03-18 13:56 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll 2013-02-15 12:17 - 2013-02-15 12:17 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll 2013-03-18 13:58 
- 2013-03-18 13:58 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll 2013-03-18 13:58 - 2013-03-18 13:58 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll 2013-12-24 19:55 - 2010-06-22 14:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll 2012-02-11 13:31 - 2014-03-24 10:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2012-02-11 13:31 - 2014-03-24 10:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2012-05-11 12:43 - 2012-05-11 12:43 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\005e39dd4fc7c1bda871002fd7d32f4b\IsdiInterop.ni.dll 2010-11-05 04:55 - 2010-09-14 03:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-03-31 17:41 - 2015-04-16 19:40 - 00776192 _____ () D:\Steam\SDL2.dll 2015-03-31 17:41 - 2015-04-23 04:16 - 04962816 _____ () D:\Steam\v8.dll 2015-03-31 
17:41 - 2015-04-23 04:16 - 01556992 _____ () D:\Steam\icui18n.dll 2015-03-31 17:41 - 2015-04-23 04:16 - 01187840 _____ () D:\Steam\icuuc.dll 2015-03-31 17:41 - 2015-05-02 01:31 - 02396352 _____ () D:\Steam\video.dll 2014-08-22 15:04 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll 2014-08-22 15:04 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll 2014-08-22 15:04 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll 2014-08-22 15:04 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll 2014-08-22 15:04 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll 2015-03-31 17:41 - 2015-05-02 01:31 - 00702656 _____ () D:\Steam\bin\chromehtml.DLL 2011-10-22 17:32 - 2015-04-30 23:02 - 40953984 _____ () D:\Steam\bin\libcef.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2015-05-02 04:45 - 2015-05-02 04:45 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll 2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP 
Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-04-29 20:41 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-29 20:41 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-29 20:41 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2015-04-24 21:42 - 2015-04-30 23:02 - 09273984 _____ () D:\Steam\bin\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:178093AE
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:58306E4C
AlternateDataStreams: C:\ProgramData\TEMP:70E897B5
AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A
AlternateDataStreams: C:\ProgramData\TEMP:A6CDBCAC
AlternateDataStreams: C:\ProgramData\TEMP:ADDDF689
AlternateDataStreams: C:\ProgramData\TEMP:FD786DCA
AlternateDataStreams: C:\Users\Tim\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Tim\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4287805056-2247546581-1725692130-1009\Control Panel\Desktop\\Wallpaper -> C:\Users\Mutter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4287805056-2247546581-1725692130-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Mutter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2015 02:03:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm msiexec.exe, Version 5.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12c0
Startzeit: 01d087f3b24c198d
Endzeit: 4
Anwendungspfad: C:\Windows\SysWOW64\msiexec.exe
Berichts-ID:

Error: (05/06/2015 00:24:43 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13213

Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13213

Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12168

Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12168

Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2015 00:09:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11169

Error: (05/06/2015 00:09:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11169

System errors:
=============
Error: (05/06/2015 02:48:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error: (05/06/2015 02:48:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: %%5

Error: (05/06/2015 02:48:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: %%5

Error: (05/06/2015 02:48:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error: (05/06/2015 02:39:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: %%5

Error: (05/06/2015 02:39:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error: (05/06/2015 02:38:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error: (05/06/2015 02:38:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: %%5

Error: (05/06/2015 02:38:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error: (05/06/2015 02:38:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: %%5

Microsoft Office Sessions:
=========================
Error: (05/06/2015 02:03:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: msiexec.exe5.0.7601.1751412c001d087f3b24c198d4C:\Windows\SysWOW64\msiexec.exe

Error: (05/06/2015 00:24:43 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping.
[0] Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13213 Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13213 Error: (05/06/2015 00:09:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12168 Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12168 Error: (05/06/2015 00:09:16 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/06/2015 00:09:15 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11169 Error: (05/06/2015 00:09:15 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11169 CodeIntegrity Errors: =================================== Date: 2013-04-18 15:03:35.604 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-18 15:03:35.558 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-18 15:03:35.386 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-18 15:03:35.339 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 18:04:58.385 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 18:04:58.338 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 18:04:58.151 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 18:04:58.119 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 17:35:40.517 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-17 17:35:40.470 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz Percentage of memory in use: 65% Total physical RAM: 6126.02 MB Available physical RAM: 2129.16 MB Total Pagefile: 12250.23 MB Available Pagefile: 6405.88 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:456.44 GB) (Free:57.74 GB) NTFS Drive d: (DATA) (Fixed) (Total:457.47 GB) (Free:60.35 GB) NTFS Drive e: (BW2) (CDROM) (Total:3.54 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BA6379E) Partition 1: (Not Active) - (Size=17.5 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=456.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================
I did that, it just didn't fit into 1 post |
07.05.2015, 07:13 | #5 |
/// the machine /// TB-Ausbilder | Firewall can no longer be started, error code 0x8007042c You're a bit of an adware collector, aren't you? Please download Revo Uninstaller (alternatively the portable Revo Uninstaller) from here.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder unless a helper instructs you to. Please download TDSSKiller.exe and save this file to your desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
07.05.2015, 15:53 | #6 |
| Firewall can no longer be started, error code 0x8007042c I could not uninstall the following with Revo Uninstaller: Yontoo 1.10.02 Web Assistant 2.0.0.600 Updater Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.05.07.03 rootkit: v2015.04.21.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Tim :: TIM-PC [administrator] 07.05.2015 16:00:57 mbar-log-2015-05-07 (16-00-57).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 500925 Time elapsed: 49 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 6 C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\U (Trojan.Siredef.C) -> Delete on reboot. [d0ff0a865535f83efd1a35cc946c3bc5] C:\$Recycle.Bin\S-1-5-21-4287805056-2247546581-1725692130-1001\$1aa914ecf3b5e394aa78297c9342598c\U (Trojan.Siredef.C) -> Delete on reboot. [27a8b5dbf793eb4ba37460a1f40c2ad6] C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\L (Trojan.Siredef.C) -> Delete on reboot. [e1ee751b2c5eba7cb069da27f10faf51] C:\$Recycle.Bin\S-1-5-21-4287805056-2247546581-1725692130-1001\$1aa914ecf3b5e394aa78297c9342598c\L (Trojan.Siredef.C) -> Delete on reboot. [8847dbb5a4e6af87a97038c958a830d0] C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c (Trojan.Siredef.C) -> Delete on reboot. [7c53e4ac93f7e353c9510df411efff01] C:\$Recycle.Bin\S-1-5-21-4287805056-2247546581-1725692130-1001\$1aa914ecf3b5e394aa78297c9342598c (Trojan.Siredef.C) -> Delete on reboot. [4c83256b90fad4621109f90835cb41bf] Files Detected: 4 C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\L\00000004.@ (Trojan.Siredef.C) -> Delete on reboot. 
[e1ee751b2c5eba7cb069da27f10faf51] C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\L\201d3dde (Trojan.Siredef.C) -> Delete on reboot. [e1ee751b2c5eba7cb069da27f10faf51] C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\L\4cce1f70 (Trojan.Siredef.C) -> Delete on reboot. [e1ee751b2c5eba7cb069da27f10faf51] C:\$Recycle.Bin\S-1-5-18\$1aa914ecf3b5e394aa78297c9342598c\L\76603ac3 (Trojan.Siredef.C) -> Delete on reboot. [e1ee751b2c5eba7cb069da27f10faf51] Physical Sectors Detected: 0 (No malicious items detected) (end) |
07.05.2015, 18:02 | #7 |
| Firewall can no longer be started, error code 0x8007042c Code:
ATTFilter 16:54:36.0722 0x273c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 16:54:40.0996 0x273c ============================================================ 16:54:40.0996 0x273c Current date / time: 2015/05/07 16:54:40.0996 16:54:40.0996 0x273c SystemInfo: 16:54:40.0996 0x273c 16:54:40.0996 0x273c OS Version: 6.1.7601 ServicePack: 1.0 16:54:40.0996 0x273c Product type: Workstation 16:54:40.0996 0x273c ComputerName: TIM-PC 16:54:40.0996 0x273c UserName: Tim 16:54:40.0997 0x273c Windows directory: C:\Windows 16:54:40.0997 0x273c System windows directory: C:\Windows 16:54:40.0997 0x273c Running under WOW64 16:54:40.0997 0x273c Processor architecture: Intel x64 16:54:40.0997 0x273c Number of processors: 4 16:54:40.0997 0x273c Page size: 0x1000 16:54:40.0997 0x273c Boot type: Normal boot 16:54:40.0997 0x273c ============================================================ 16:54:41.0343 0x273c KLMD registered as C:\Windows\system32\drivers\65958839.sys 16:54:41.0788 0x273c System UUID: {EA74B567-58BF-7BAD-73AD-F8D05DD857C5} 16:54:42.0521 0x273c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:54:42.0532 0x273c ============================================================ 16:54:42.0532 0x273c \Device\Harddisk0\DR0: 16:54:42.0532 0x273c MBR partitions: 16:54:42.0532 0x273c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2300800, BlocksNum 0x32000 16:54:42.0533 0x273c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2332800, BlocksNum 0x390E1800 16:54:42.0533 0x273c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B414000, BlocksNum 0x392F2000 16:54:42.0533 0x273c ============================================================ 16:54:42.0578 0x273c C: <-> \Device\Harddisk0\DR0\Partition2 16:54:42.0608 0x273c D: <-> \Device\Harddisk0\DR0\Partition3 16:54:42.0680 0x273c 
============================================================ 16:54:42.0681 0x273c Initialize success 16:54:42.0681 0x273c ============================================================ 16:55:29.0209 0x23f8 ============================================================ 16:55:29.0209 0x23f8 Scan started 16:55:29.0209 0x23f8 Mode: Manual; SigCheck; TDLFS; 16:55:29.0209 0x23f8 ============================================================ 16:55:29.0209 0x23f8 KSN ping started 16:55:43.0111 0x23f8 KSN ping finished: true 16:55:43.0970 0x23f8 ================ Scan system memory ======================== 16:55:43.0970 0x23f8 System memory - ok 16:55:43.0971 0x23f8 ================ Scan services =============================
e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 16:55:56.0666 0x23f8 e1cexpress - ok 16:55:56.0679 0x23f8 EagleX64 - ok 16:55:56.0698 0x23f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 16:55:56.0726 0x23f8 EapHost - ok 16:55:56.0740 0x23f8 EasyAntiCheat - ok 16:55:56.0831 0x23f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 16:55:56.0961 0x23f8 ebdrv - ok 16:55:56.0999 0x23f8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe 16:55:57.0028 0x23f8 EFS - ok 16:55:57.0082 0x23f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:55:57.0181 0x23f8 ehRecvr - ok 16:55:57.0203 0x23f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 16:55:57.0265 0x23f8 ehSched - ok 16:55:57.0305 0x23f8 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 16:55:57.0321 0x23f8 ElbyCDIO - ok 16:55:57.0353 0x23f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 16:55:57.0381 0x23f8 elxstor - ok 16:55:57.0409 0x23f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:55:57.0418 0x23f8 ErrDev - ok 16:55:57.0453 0x23f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:55:57.0503 0x23f8 EventSystem - ok 16:55:57.0509 0x23f8 [ 
A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:55:57.0540 0x23f8 exfat - ok 16:55:57.0567 0x23f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:55:57.0617 0x23f8 fastfat - ok 16:55:57.0679 0x23f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:55:57.0762 0x23f8 Fax - ok 16:55:57.0767 0x23f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:55:57.0800 0x23f8 fdc - ok 16:55:57.0819 0x23f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:55:57.0868 0x23f8 fdPHost - ok 16:55:57.0881 0x23f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 16:55:57.0929 0x23f8 FDResPub - ok 16:55:57.0951 0x23f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:55:57.0960 0x23f8 FileInfo - ok 16:55:57.0972 0x23f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:55:57.0998 0x23f8 Filetrace - ok 16:55:58.0055 0x23f8 [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 16:55:58.0099 0x23f8 FLEXnet Licensing Service - ok 16:55:58.0109 0x23f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 
9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:55:58.0119 0x23f8 flpydisk - ok 16:55:58.0154 0x23f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:55:58.0179 0x23f8 FltMgr - ok 16:55:58.0257 0x23f8 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll 16:55:58.0352 0x23f8 FontCache - ok 16:55:58.0396 0x23f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:55:58.0410 0x23f8 FontCache3.0.0.0 - ok 16:55:58.0422 0x23f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:55:58.0434 0x23f8 FsDepends - ok 16:55:58.0467 0x23f8 [ C2E475625F2C6F7DCDE4E920523A0573, C316D2223008BD5EA022AFB79CC21B841939FA8D511729455E787E59A27A0DE6 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 16:55:58.0480 0x23f8 fssfltr - ok 16:55:58.0602 0x23f8 [ 4E2E6FEDFE4A3445DBD0C623A242362D, 3A580014BA8D5A8031FF26940D8DA6792F6041BF7B4B243E3F3C678F1AAB0310 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 16:55:58.0697 0x23f8 fsssvc - ok 16:55:58.0731 0x23f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:55:58.0746 0x23f8 Fs_Rec - ok 16:55:58.0782 0x23f8 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:55:58.0806 0x23f8 fvevol - ok 16:55:58.0811 0x23f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx 
C:\Windows\system32\DRIVERS\gagp30kx.sys 16:55:58.0822 0x23f8 gagp30kx - ok 16:55:58.0855 0x23f8 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 16:55:58.0867 0x23f8 GamesAppService - ok 16:55:58.0893 0x23f8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:55:58.0902 0x23f8 GEARAspiWDM - ok 16:55:59.0027 0x23f8 [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 16:55:59.0057 0x23f8 GfExperienceService - ok 16:55:59.0089 0x23f8 [ 16C2A6BCDDA8952C2035DEC861492A19, 9023CD3A2C1009786A48EF7FBCC97ED1724C836279424A4D465CCE1AFA2DBDDA ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 16:55:59.0097 0x23f8 ggflt - ok 16:55:59.0144 0x23f8 [ 6B503DF845EABF3457E49FBBDA26C10E, A1553E3822EDEA26D8E67FCC7F9EA40DFBED49EC92FD5674AAF938F2D58CF964 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 16:55:59.0156 0x23f8 ggsemc - ok 16:55:59.0215 0x23f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:55:59.0315 0x23f8 gpsvc - ok 16:55:59.0354 0x23f8 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe 16:55:59.0368 0x23f8 GREGService - ok 16:55:59.0435 0x23f8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:55:59.0449 0x23f8 gupdate - ok 16:55:59.0454 0x23f8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] 
gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:55:59.0467 0x23f8 gupdatem - ok 16:55:59.0503 0x23f8 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 16:55:59.0519 0x23f8 hamachi - ok 16:55:59.0685 0x23f8 [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 16:55:59.0739 0x23f8 Hamachi2Svc - ok 16:55:59.0750 0x23f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:55:59.0771 0x23f8 hcw85cir - ok 16:55:59.0810 0x23f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:55:59.0834 0x23f8 HdAudAddService - ok 16:55:59.0855 0x23f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 16:55:59.0887 0x23f8 HDAudBus - ok 16:55:59.0891 0x23f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 16:55:59.0904 0x23f8 HidBatt - ok 16:55:59.0909 0x23f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 16:55:59.0923 0x23f8 HidBth - ok 16:55:59.0926 0x23f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:55:59.0939 0x23f8 HidIr - ok 16:55:59.0978 0x23f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:56:00.0037 0x23f8 hidserv - ok 16:56:00.0042 0x23f8 
[ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:56:00.0052 0x23f8 HidUsb - ok 16:56:00.0081 0x23f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:56:00.0131 0x23f8 hkmsvc - ok 16:56:00.0160 0x23f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:56:00.0188 0x23f8 HomeGroupListener - ok 16:56:00.0219 0x23f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:56:00.0256 0x23f8 HomeGroupProvider - ok 16:56:00.0262 0x23f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:56:00.0276 0x23f8 HpSAMD - ok 16:56:00.0318 0x23f8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:56:00.0375 0x23f8 HTTP - ok 16:56:00.0412 0x23f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:56:00.0421 0x23f8 hwpolicy - ok 16:56:00.0460 0x23f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:56:00.0471 0x23f8 i8042prt - ok 16:56:00.0493 0x23f8 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 16:56:00.0508 0x23f8 iaStor - ok 16:56:00.0547 0x23f8 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files 
(x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 16:56:00.0556 0x23f8 IAStorDataMgrSvc - ok 16:56:00.0600 0x23f8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:56:00.0630 0x23f8 iaStorV - ok 16:56:00.0679 0x23f8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:56:00.0716 0x23f8 idsvc - ok 16:56:00.0720 0x23f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:56:00.0729 0x23f8 iirsp - ok 16:56:00.0784 0x23f8 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll 16:56:00.0839 0x23f8 IKEEXT - ok 16:56:00.0931 0x23f8 [ C03463214D23B46B991F582821C8DF69, 506AC5AAA65D865A61C14E94CC77054BDFA1CB756939636AE508FDC5685CB14D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:56:01.0022 0x23f8 IntcAzAudAddService - ok 16:56:01.0059 0x23f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:56:01.0071 0x23f8 intelide - ok 16:56:01.0095 0x23f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:56:01.0113 0x23f8 intelppm - ok 16:56:01.0133 0x23f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:56:01.0171 0x23f8 IPBusEnum - ok 16:56:01.0200 0x23f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 
16:56:01.0249 0x23f8 IpFilterDriver - ok 16:56:01.0350 0x23f8 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] IphlpSvc C:\Windows\System32\iphlpsvc.dll 16:56:01.0421 0x23f8 IphlpSvc - ok 16:56:01.0462 0x23f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:56:01.0507 0x23f8 IPMIDRV - ok 16:56:01.0515 0x23f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:56:01.0558 0x23f8 IPNAT - ok 16:56:01.0606 0x23f8 [ 4EFFC8FF6D349E971E94B1C670C0C66A, E92DA19CE9725BB4CC34DF94873C6B441AE61679A8C615780E1A1E9404C8FA26 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:56:01.0624 0x23f8 iPod Service - ok 16:56:01.0636 0x23f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:56:01.0698 0x23f8 IRENUM - ok 16:56:01.0707 0x23f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:56:01.0719 0x23f8 isapnp - ok 16:56:01.0766 0x23f8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:56:01.0786 0x23f8 iScsiPrt - ok 16:56:01.0800 0x23f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:56:01.0810 0x23f8 kbdclass - ok 16:56:01.0849 0x23f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:56:01.0867 0x23f8 kbdhid - ok 16:56:01.0877 0x23f8 [ C118A82CD78818C29AB228366EBF81C3, 
00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe 16:56:01.0887 0x23f8 KeyIso - ok 16:56:01.0923 0x23f8 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:56:01.0934 0x23f8 KSecDD - ok 16:56:01.0964 0x23f8 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:56:01.0977 0x23f8 KSecPkg - ok 16:56:01.0987 0x23f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:56:02.0016 0x23f8 ksthunk - ok 16:56:02.0049 0x23f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:56:02.0085 0x23f8 KtmRm - ok 16:56:02.0108 0x23f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:56:02.0139 0x23f8 LanmanServer - ok 16:56:02.0171 0x23f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:56:02.0211 0x23f8 LanmanWorkstation - ok 16:56:02.0244 0x23f8 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 16:56:02.0252 0x23f8 LGBusEnum - ok 16:56:02.0296 0x23f8 [ F705A641C18DF31B48B5DBDA94B425E4, 1F47EE43CAFE5458E56467E127EE99B5FDBFF8B810CF92B232094B475DD42B21 ] LGPBTDD C:\Windows\system32\Drivers\LGPBTDD.sys 16:56:02.0309 0x23f8 LGPBTDD - ok 16:56:02.0345 0x23f8 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 16:56:02.0355 0x23f8 LGVirHid - ok 
16:56:02.0389 0x23f8 [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 16:56:02.0401 0x23f8 lirsgt - ok 16:56:02.0409 0x23f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:56:02.0454 0x23f8 lltdio - ok 16:56:02.0497 0x23f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:56:02.0536 0x23f8 lltdsvc - ok 16:56:02.0548 0x23f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:56:02.0574 0x23f8 lmhosts - ok 16:56:02.0632 0x23f8 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 16:56:02.0654 0x23f8 LMIGuardianSvc - ok 16:56:02.0695 0x23f8 [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:56:02.0715 0x23f8 LMS - ok 16:56:02.0721 0x23f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 16:56:02.0731 0x23f8 LSI_FC - ok 16:56:02.0736 0x23f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 16:56:02.0746 0x23f8 LSI_SAS - ok 16:56:02.0750 0x23f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:56:02.0760 0x23f8 LSI_SAS2 - ok 16:56:02.0765 0x23f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 
4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:56:02.0775 0x23f8 LSI_SCSI - ok 16:56:02.0786 0x23f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:56:02.0814 0x23f8 luafv - ok 16:56:02.0852 0x23f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:56:02.0885 0x23f8 Mcx2Svc - ok 16:56:02.0888 0x23f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:56:02.0897 0x23f8 megasas - ok 16:56:02.0906 0x23f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:56:02.0920 0x23f8 MegaSR - ok 16:56:02.0943 0x23f8 [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 16:56:02.0951 0x23f8 MEIx64 - ok 16:56:02.0960 0x23f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:56:03.0003 0x23f8 MMCSS - ok 16:56:03.0021 0x23f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:56:03.0062 0x23f8 Modem - ok 16:56:03.0066 0x23f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:56:03.0087 0x23f8 monitor - ok 16:56:03.0102 0x23f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:56:03.0110 0x23f8 mouclass - ok 16:56:03.0121 0x23f8 [ 
D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:56:03.0147 0x23f8 mouhid - ok 16:56:03.0177 0x23f8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:56:03.0187 0x23f8 mountmgr - ok 16:56:03.0221 0x23f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:56:03.0241 0x23f8 mpio - ok 16:56:03.0258 0x23f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:56:03.0285 0x23f8 mpsdrv - ok 16:56:03.0369 0x23f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:56:03.0424 0x23f8 MpsSvc - ok 16:56:03.0470 0x23f8 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:56:03.0504 0x23f8 MRxDAV - ok 16:56:03.0536 0x23f8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:56:03.0563 0x23f8 mrxsmb - ok 16:56:03.0590 0x23f8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:56:03.0612 0x23f8 mrxsmb10 - ok 16:56:03.0650 0x23f8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:56:03.0682 0x23f8 mrxsmb20 - ok 16:56:03.0716 0x23f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:56:03.0726 0x23f8 
msahci - ok 16:56:03.0753 0x23f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:56:03.0766 0x23f8 msdsm - ok 16:56:03.0787 0x23f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:56:03.0822 0x23f8 MSDTC - ok 16:56:03.0847 0x23f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:56:03.0880 0x23f8 Msfs - ok 16:56:03.0894 0x23f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:56:03.0920 0x23f8 mshidkmdf - ok 16:56:03.0928 0x23f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:56:03.0935 0x23f8 msisadrv - ok 16:56:03.0964 0x23f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:56:04.0002 0x23f8 MSiSCSI - ok 16:56:04.0005 0x23f8 msiserver - ok 16:56:04.0020 0x23f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:56:04.0045 0x23f8 MSKSSRV - ok 16:56:04.0056 0x23f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:56:04.0094 0x23f8 MSPCLOCK - ok 16:56:04.0116 0x23f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:56:04.0155 0x23f8 MSPQM - ok 16:56:04.0199 0x23f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] 
MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:56:04.0216 0x23f8 MsRPC - ok 16:56:04.0231 0x23f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:56:04.0240 0x23f8 mssmbios - ok 16:56:04.0261 0x23f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:56:04.0287 0x23f8 MSTEE - ok 16:56:04.0294 0x23f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:56:04.0304 0x23f8 MTConfig - ok 16:56:04.0312 0x23f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:56:04.0321 0x23f8 Mup - ok 16:56:04.0364 0x23f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:56:04.0402 0x23f8 napagent - ok 16:56:04.0423 0x23f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:56:04.0460 0x23f8 NativeWifiP - ok 16:56:04.0513 0x23f8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:56:04.0557 0x23f8 NDIS - ok 16:56:04.0561 0x23f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:56:04.0589 0x23f8 NdisCap - ok 16:56:04.0592 0x23f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:56:04.0618 0x23f8 NdisTapi - ok 16:56:04.0652 0x23f8 [ 136185F9FB2CC61E573E676AA5402356, 
AAE02F6DDB6DF03FEB28BFF484C80D5F11159C59CC3AAAAE76F0882E0DB33F40 ] vToolbarUpdater11.0.2 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe 16:56:26.0519 0x23f8 vToolbarUpdater11.0.2 - ok 16:56:26.0525 0x23f8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 16:56:26.0554 0x23f8 vwifibus - ok 16:56:26.0581 0x23f8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 16:56:26.0617 0x23f8 W32Time - ok 16:56:26.0625 0x23f8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 16:56:26.0634 0x23f8 WacomPen - ok 16:56:26.0645 0x23f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:56:26.0672 0x23f8 WANARP - ok 16:56:26.0678 0x23f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:56:26.0704 0x23f8 Wanarpv6 - ok 16:56:26.0773 0x23f8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 16:56:26.0850 0x23f8 wbengine - ok 16:56:26.0884 0x23f8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:56:26.0902 0x23f8 WbioSrvc - ok 16:56:26.0947 0x23f8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:56:26.0987 0x23f8 wcncsvc - ok 16:56:26.0993 0x23f8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService 
C:\Windows\System32\WcsPlugInService.dll 16:56:27.0015 0x23f8 WcsPlugInService - ok 16:56:27.0019 0x23f8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 16:56:27.0028 0x23f8 Wd - ok 16:56:27.0061 0x23f8 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:56:27.0085 0x23f8 Wdf01000 - ok 16:56:27.0094 0x23f8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:56:27.0177 0x23f8 WdiServiceHost - ok 16:56:27.0183 0x23f8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:56:27.0198 0x23f8 WdiSystemHost - ok 16:56:27.0233 0x23f8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 16:56:27.0268 0x23f8 WebClient - ok 16:56:27.0288 0x23f8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:56:27.0334 0x23f8 Wecsvc - ok 16:56:27.0349 0x23f8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:56:27.0378 0x23f8 wercplsupport - ok 16:56:27.0395 0x23f8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 16:56:27.0422 0x23f8 WerSvc - ok 16:56:27.0435 0x23f8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:56:27.0460 0x23f8 WfpLwf - ok 16:56:27.0465 0x23f8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:56:27.0473 0x23f8 WIMMount - ok 16:56:27.0506 0x23f8 WinDefend - ok 16:56:27.0516 0x23f8 WinHttpAutoProxySvc - ok 16:56:27.0553 0x23f8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:56:27.0597 0x23f8 Winmgmt - ok 16:56:27.0691 0x23f8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 16:56:27.0788 0x23f8 WinRM - ok 16:56:27.0824 0x23f8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:56:27.0852 0x23f8 WinUsb - ok 16:56:27.0915 0x23f8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:56:27.0978 0x23f8 Wlansvc - ok 16:56:28.0145 0x23f8 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:56:28.0196 0x23f8 wlidsvc - ok 16:56:28.0252 0x23f8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:56:28.0270 0x23f8 WmiAcpi - ok 16:56:28.0298 0x23f8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:56:28.0332 0x23f8 wmiApSrv - ok 16:56:28.0339 0x23f8 WMPNetworkSvc - ok 16:56:28.0346 0x23f8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:56:28.0380 0x23f8 WPCSvc - ok 16:56:28.0420 0x23f8 [ 93221146D4EBBF314C29B23CD6CC391D, 
C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:56:28.0460 0x23f8 WPDBusEnum - ok 16:56:28.0484 0x23f8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:56:28.0534 0x23f8 ws2ifsl - ok 16:56:28.0580 0x23f8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:56:28.0626 0x23f8 wscsvc - ok 16:56:28.0633 0x23f8 WSearch - ok 16:56:28.0785 0x23f8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 16:56:28.0880 0x23f8 wuauserv - ok 16:56:28.0894 0x23f8 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:56:28.0922 0x23f8 WudfPf - ok 16:56:28.0953 0x23f8 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:56:28.0999 0x23f8 WUDFRd - ok 16:56:29.0038 0x23f8 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:56:29.0067 0x23f8 wudfsvc - ok 16:56:29.0092 0x23f8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:56:29.0127 0x23f8 WwanSvc - ok 16:56:29.0186 0x23f8 X6va008 - ok 16:56:29.0193 0x23f8 X6va009 - ok 16:56:29.0202 0x23f8 X6va011 - ok 16:56:29.0226 0x23f8 [ 754C8BF43F0DD4B54865F174A62761E9, 921597FE5154939314DACA57361C5A03A622B9AA61D51A45A09995A6D1A923A7 ] XENfiltv C:\Windows\system32\drivers\XENfiltv.sys 16:56:29.0268 0x23f8 XENfiltv - ok 16:56:29.0273 0x23f8 xhunter1 - ok 16:56:29.0305 0x23f8 ================ Scan global 
=============================== 16:56:29.0335 0x23f8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:56:29.0380 0x23f8 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll 16:56:29.0391 0x23f8 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll 16:56:29.0412 0x23f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 16:56:29.0443 0x23f8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 16:56:29.0451 0x23f8 [ Global ] - ok 16:56:29.0452 0x23f8 ================ Scan MBR ================================== 16:56:29.0466 0x23f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:56:29.0764 0x23f8 \Device\Harddisk0\DR0 - ok 16:56:29.0764 0x23f8 ================ Scan VBR ================================== 16:56:29.0767 0x23f8 [ A51B69A3E3DA1B9F3CBD030923517FC2 ] \Device\Harddisk0\DR0\Partition1 16:56:29.0783 0x23f8 \Device\Harddisk0\DR0\Partition1 - ok 16:56:29.0786 0x23f8 [ 903DF34BC8748347BFCE951890145AA4 ] \Device\Harddisk0\DR0\Partition2 16:56:29.0799 0x23f8 \Device\Harddisk0\DR0\Partition2 - ok 16:56:29.0802 0x23f8 [ EC837C8B68ABE6352782525071566DCF ] \Device\Harddisk0\DR0\Partition3 16:56:29.0803 0x23f8 \Device\Harddisk0\DR0\Partition3 - ok 16:56:29.0805 0x23f8 ================ Scan generic autorun ====================== 16:56:30.0148 0x23f8 [ DB3E4EB4BDA2822249D38367DE5905CC, C6B5DD8FC5D0AA96CB38FD960C7C12A4C10BA6D2EB5A1CA8D5FBB2F03F62CAFF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:56:30.0377 0x23f8 RtHDVCpl - ok 16:56:30.0401 0x23f8 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 
] C:\Windows\syswow64\RunDll32.exe 16:56:30.0427 0x23f8 Cm106Sound - ok 16:56:30.0446 0x23f8 Nvtmru - ok 16:56:30.0711 0x23f8 [ 2AA3480A3980B77338057E55CF8F5469, 508A75BBBDBD4714CC31F74607B79D48B0CF12C2CA36AFDD184B1CEDB0D842F5 ] C:\Program Files\Logitech Gaming Software\LCore.exe 16:56:30.0876 0x23f8 Launch LCore - ok 16:56:30.0890 0x23f8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 16:56:30.0902 0x23f8 ShadowPlay - ok 16:56:31.0019 0x23f8 [ 638644168D9B5B5093AD84C9C162B550, BDBAB13BA6D369B7F87F721518F7EBD4B14D85B80BCC1E37FA929BB77200401B ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 16:56:31.0077 0x23f8 NvBackend - ok 16:56:31.0117 0x23f8 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 16:56:31.0129 0x23f8 IAStorIcon - ok 16:56:31.0193 0x23f8 [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 16:56:31.0235 0x23f8 Norton Online Backup - ok 16:56:31.0286 0x23f8 [ 33E5A8FC8EB0EE42478F8538D0215D8F, 206ACA11B99234A1D31C5DD8506D207B591883AAA5CFBBADAC66A13A3F523881 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe 16:56:31.0299 0x23f8 Adobe Reader Speed Launcher - ok 16:56:31.0364 0x23f8 [ 0540C38069CD5212B241E62AC1990201, DAAD37478187B62D27FCF2D2A979C76C8B465FF4F56215BE259D18EF3CBC9E73 ] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe 16:56:31.0392 0x23f8 Hotkey Utility - ok 16:56:31.0443 0x23f8 [ 46DA8E7484AC7A52CE1D6E428398724B, 540BBAB567E98D0A6810919CA7B2DB95CE3146BB4DFCF9E501228ADEE85F80B9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 16:56:31.0450 0x23f8 APSDaemon - ok 16:56:31.0550 0x23f8 [ A8A9E1FB6D32E96A2CE360381A2EB610, 
6972803194E3E6FC362FE3C39E4B086860AF2803A50863D7553078B1265E0AA1 ] C:\Program Files (x86)\Ask.com\Updater\Updater.exe 16:56:31.0587 0x23f8 ApnUpdater - ok 16:56:31.0686 0x23f8 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 16:56:31.0732 0x23f8 Adobe ARM - ok 16:56:31.0802 0x23f8 [ 2A21FE60A9BC5247BD8C57409A2B97F8, 6C9851684FB90AB6038A326F4B362C1948DF2173063CA198DCEAEA6BFAC636E0 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 16:56:31.0818 0x23f8 VirtualCloneDrive - ok 16:56:31.0818 0x23f8 ROC_ROC_JULY_P1 - ok 16:56:31.0820 0x23f8 ROC_ROC_NT - ok 16:56:31.0877 0x23f8 [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe 16:56:31.0920 0x23f8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 16:56:34.0475 0x23f8 Detect skipped due to KSN trusted 16:56:34.0475 0x23f8 QuickTime Task - ok 16:56:34.0525 0x23f8 [ 8E2A7F1F62467A7DCB8AB2C0642F47CA, 5A0C356E9AA19DEB3C1C62A3DC62A2BC612C2257A4BF32B9BD276FBEDB58983D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 16:56:34.0540 0x23f8 iTunesHelper - ok 16:56:34.0631 0x23f8 [ 81DC51C19473EDEF9D636C83D2455F29, 17E186C1D575FB3860331029EB14CE5A7019DE0FFA9823B100888F5C56C57874 ] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe 16:56:34.0655 0x23f8 Reader Application Helper - ok 16:56:34.0706 0x23f8 [ 0B7876608B87AA316A47C40A1E920B7F, 7559ACC88178F48917B416FD1EB930B2CF3522374D66A34A03602111BDA321F0 ] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE 16:56:34.0732 0x23f8 RoccatKone+ - detected UnsignedFile.Multi.Generic ( 1 ) 16:56:37.0347 0x23f8 RoccatKone+ ( UnsignedFile.Multi.Generic ) - warning 16:56:39.0825 0x23f8 [ 5100ADC704F2D6CE3DF8C0D5105D6C84, BD46EE57F881EDAB63A0540186D9471F4C70F3E4D72F1C52D72DD9BADF9E7334 ] C:\Program Files (x86)\PDF24\pdf24.exe 
16:56:39.0843 0x23f8 PDFPrint - ok 16:56:39.0910 0x23f8 [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 16:56:39.0929 0x23f8 SunJavaUpdateSched - ok 16:56:40.0050 0x23f8 [ 40BE6A84C767D503B8258248142F0366, D6499CF94C55552BCAE38A67D567C4DCDF426D195141401719219B305BA1A5B1 ] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe 16:56:40.0138 0x23f8 Sound Blaster Tactic3D Control Panel - detected UnsignedFile.Multi.Generic ( 1 ) 16:56:42.0685 0x23f8 Detect skipped due to KSN trusted 16:56:42.0686 0x23f8 Sound Blaster Tactic3D Control Panel - ok 16:56:42.0814 0x23f8 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 16:56:42.0836 0x23f8 avgnt - ok 16:56:42.0984 0x23f8 [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 16:56:43.0066 0x23f8 LogMeIn Hamachi Ui - ok 16:56:43.0102 0x23f8 [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 16:56:43.0111 0x23f8 Avira Systray - ok 16:56:43.0128 0x23f8 InstallShieldSetup - ok 16:56:43.0215 0x23f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:56:43.0301 0x23f8 Sidebar - ok 16:56:43.0329 0x23f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:56:43.0355 0x23f8 mctadmin - ok 16:56:43.0392 0x23f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows 
Sidebar\Sidebar.exe 16:56:43.0427 0x23f8 Sidebar - ok 16:56:43.0432 0x23f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:56:43.0445 0x23f8 mctadmin - ok 16:56:43.0586 0x23f8 [ 2EE619B0C58EE691A45F579DDAD9E730, 58036F6394D733CB08FFA06958B55E63F376C1630C6590B33BA139768B43FE48 ] D:\Steam\steam.exe 16:56:43.0646 0x23f8 Steam - ok 16:56:43.0864 0x23f8 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe 16:56:43.0961 0x23f8 Akamai NetSession Interface - ok 16:56:43.0995 0x23f8 [ 173D93AB55B6602C115E1E0BCDA3BDBC, 938C02C2C682B542788F0D94ABAB2FA7D80D00E1B8A55E19BEE49AF31AB10D9F ] C:\Windows\Speech\Common\sapisvr.exe 16:56:44.0024 0x23f8 Speech Recognition - ok 16:56:44.0131 0x23f8 [ 4CBEC09072BB77C972D62FFC85C1F487, E6178441FFC0BC55D933A5523141F629EFE00B9E79608FE46E0A38B212F39132 ] C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe 16:56:44.0181 0x23f8 Software Suite SE - ok 16:56:44.0221 0x23f8 [ 4170EF4E0FB4408F1BDBCBDB75656FD8, A3D600DA2CAB7F1C9121E7FEDAF89D30F6E6FBA237B361C1C67B37EEB85773B0 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe 16:56:44.0235 0x23f8 Sony PC Companion - ok 16:56:44.0361 0x23f8 [ 4458989C34FA84B5A75DD3ABCFBE786A, D37CBB988E98929D65C4D22B030ABEBD2CE2FFE091B63424D0F55C16958DAEF1 ] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 16:56:44.0467 0x23f8 Pando Media Booster - ok 16:56:44.0518 0x23f8 Skype - ok 16:56:44.0520 0x23f8 Waiting for KSN requests completion. In queue: 17 16:56:45.0521 0x23f8 Waiting for KSN requests completion. In queue: 17 16:56:46.0521 0x23f8 Waiting for KSN requests completion. In queue: 17 16:56:47.0521 0x23f8 Waiting for KSN requests completion. In queue: 15 16:56:48.0521 0x23f8 Waiting for KSN requests completion. 
16:56:56.0575 0x23f8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
16:56:56.0626 0x23f8 Win FW state via NFP2: enabled
16:56:58.0993 0x23f8 ============================================================
16:56:58.0993 0x23f8 Scan finished
16:56:58.0993 0x23f8 ============================================================
16:56:59.0002 0x0c04 Detected object count: 1
16:56:59.0002 0x0c04 Actual detected object count: 1
16:57:16.0261 0x0c04 RoccatKone+ ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:16.0261 0x0c04 RoccatKone+ ( UnsignedFile.Multi.Generic ) - User select action: Skip

So, after the error came up, I searched Microsoft's site again, and the program Tweaking Windows Repair fixed this error message, and the Windows Firewall works again. If you know of any other viruses, malware, etc. on my machine, please write it in this thread. And I would be grateful for any tip. If there is nothing more, I thank you for your help. |
08.05.2015, 16:29 | #8 |
/// the machine /// TB-Ausbilder | Firewall can no longer be started, error code 0x8007042c There is still work to do. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
11.05.2015, 12:35 | #9 |
| Firewall can no longer be started, error code 0x8007042c Code:
ATTFilter ComboFix 15-05-09.01 - Tim 11.05.2015 11:58:41.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6126.3654 [GMT 2:00] ausgeführt von:: c:\users\Tim\Desktop\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\program files (x86)\Searchqu Toolbar\Datamngr c:\users\Tim\AppData\Local\assembly\tmp c:\users\Tim\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences c:\users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9349AFA6-8C71-488F-898C-06D37041EF81}.xps c:\users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D5B5A74F-F301-4A03-8FD1-7494FA36CBAE}.xps c:\users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DEFF4457-4D83-4F75-B90C-FA02A89E97D4}.xps c:\users\Tim\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Tim\AppData\Roaming\Microsoft\Windows\Templates\VideoSpin_2_0_Setup.exe c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\p.6hh@uyacthgta.co.uk c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\p.6hh@uyacthgta.co.uk\bootstrap.js c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\p.6hh@uyacthgta.co.uk\chrome.manifest c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\p.6hh@uyacthgta.co.uk\install.rdf c:\users\Tim\AppData\Roaming\result.db c:\users\Tim\AppData\Roaming\technic-launcher.jar c:\windows\ico.ico c:\windows\wininit.ini . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_ACEDRV11 -------\Service_acedrv11 . . 
((((((((((((((((((((((( Dateien erstellt von 2015-04-11 bis 2015-05-11 )))))))))))))))))))))))))))))) . . 2015-05-07 16:05 . 2015-05-07 16:05 -------- d-----w- c:\windows\SysWow64\wbem\Performance 2015-05-07 15:04 . 2015-05-07 15:04 -------- d-----w- C:\RegBackup 2015-05-07 15:03 . 2015-05-07 15:03 -------- d-----w- c:\program files (x86)\Tweaking.com 2015-05-07 14:00 . 2015-05-07 14:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-05-07 13:36 . 2015-05-07 13:36 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-05-06 13:09 . 2015-05-06 13:11 -------- d-----w- C:\FRST 2015-05-06 12:06 . 2015-05-06 12:06 -------- d-----w- c:\users\Tim\AppData\Roaming\ParadoxInteractive 2015-05-02 13:29 . 2015-05-02 13:29 -------- d-----w- c:\users\Tim\AppData\Local\GamersFirst LIVE! 2015-05-02 13:04 . 2011-06-10 22:15 829264 ----a-w- c:\windows\system32\msvcr100.dll 2015-05-02 13:04 . 2011-06-10 22:15 608080 ----a-w- c:\windows\system32\msvcp100.dll 2015-05-02 13:04 . 2010-03-18 12:27 827744 ----a-w- c:\windows\system32\msvcr100_clr0400.dll 2015-05-02 13:04 . 2011-06-10 22:15 5601616 ----a-w- c:\windows\system32\mfc100u.dll 2015-05-02 13:04 . 2011-06-10 22:15 5574984 ----a-w- c:\windows\system32\mfc100.dll 2015-05-02 02:45 . 2015-05-02 02:52 -------- d-----w- c:\users\Tim\AppData\Local\Origin 2015-05-02 02:40 . 2015-05-02 02:45 -------- d-----w- c:\program files (x86)\Origin 2015-04-24 20:43 . 2015-04-24 20:43 -------- d-----w- c:\users\Tim\AppData\Local\NVIDIA Corporation 2015-04-24 20:43 . 2015-03-28 03:44 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-04-24 20:43 . 2015-03-28 03:43 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-04-20 20:48 . 2015-04-20 20:48 0 ----a-w- c:\windows\SysWow64\sho4E5B.tmp 2015-04-17 17:16 . 2015-04-17 17:27 -------- d-----w- c:\users\Tim\Cisco Packet Tracer 6.2sv 2015-04-17 17:15 . 2015-04-17 17:15 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 6.2sv . . . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-05-07 14:00 . 2014-11-01 13:12 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-05-07 13:59 . 2014-11-01 13:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-05-05 11:52 . 2015-01-16 13:05 152744 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-05-05 11:52 . 2015-01-16 13:05 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys 2015-04-15 11:40 . 2012-10-26 19:05 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-04-15 11:40 . 2011-08-26 14:20 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-03-30 13:25 . 2012-07-01 18:26 33856 ---ha-w- c:\windows\system32\hamachi.sys 2015-03-28 03:44 . 2013-10-28 16:00 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-03-28 03:43 . 2013-10-28 16:00 1570672 ----a-w- c:\windows\system32\nvspcap64.dll 2015-03-12 00:05 . 2015-03-12 00:05 0 ----a-w- c:\windows\SysWow64\shoFF20.tmp 2015-03-08 05:38 . 2015-03-08 05:38 0 ----a-w- c:\windows\SysWow64\shoA8E0.tmp 2015-03-04 12:33 . 2015-01-16 13:05 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2015-02-23 00:44 . 2015-02-23 00:44 0 ----a-w- c:\windows\SysWow64\shoEC98.tmp 2015-02-19 23:46 . 2015-02-19 23:46 0 ----a-w- c:\windows\SysWow64\shoAD94.tmp 2015-02-12 20:30 . 2012-03-29 13:33 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2015-02-12 20:30 . 2012-03-29 13:33 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2015-02-12 20:30 . 2012-03-29 13:33 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2015-02-11 20:30 . 2012-05-25 20:33 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2015-02-11 20:30 . 
2012-05-25 20:33 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}] 2011-11-22 08:59 269824 ----a-w- c:\users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}"= "c:\program files (x86)\ChatZum Toolbar\tbunsiB6E5.tmp\tbcore3.dll" [2012-11-15 2665984] . [HKEY_CLASSES_ROOT\clsid\{37d48d9c-3f7e-412f-b5bf-611be7ccfca1}] [HKEY_CLASSES_ROOT\TBSB09850.TBSB09850.3] [HKEY_CLASSES_ROOT\TBSB09850.TBSB09850] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-12-02 15:56 233128 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-12-02 15:56 233128 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-12-02 15:56 233128 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="d:\steam\steam.exe" [2015-05-07 2888384] "Akamai NetSession Interface"="c:\users\Tim\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432] "Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544] "Software Suite SE"="c:\program files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" [2009-09-29 2275360] "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2015-04-10 455392] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-10-28 3093624] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-04-17 31280256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Hotkey Utility"="c:\program files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe" [2010-08-04 611872] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-04-09 1557160] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-03 1021128] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2013-03-18 899400] "PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-12 
186408] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896] "Sound Blaster Tactic3D Control Panel"="c:\program files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" [2014-07-03 2091008] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-05-05 728312] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-03-16 129272] . c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ GamersFirst LIVE!.lnk - c:\users\Tim\AppData\Local\GamersFirst\LIVE!\Live.exe /silent [2013-6-25 2878504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x] R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x] R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x] R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x] R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 
EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x] R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x] R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 USBMULCD;USB Multi-Channel Audio Device 
Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x] R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x] R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x] R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x] R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x] R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common 
Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 StumbleUponUpdater;StumbleUpon 
Updater;c:\users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe;c:\users\Tim\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x] S3 VBoxNetAdp;VirtualBox 
Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - NVSTREAMKMS *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-04-29 18:40 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 11:40] . 2015-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 17:22] . 2015-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-26 17:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-12-02 15:56 260776 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-12-02 15:56 260776 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-12-02 15:56 260776 ----a-w- c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-05 11474024] "Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2011-03-31 8151040] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = www.google.com mDefault_Search_URL = about:blank mDefault_Page_URL = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = about:blank uInternet Settings,ProxyOverride = <local> mSearchAssistant = IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Tim\AppData\Local\Temp\ie_script.htm IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - Trusted Zone: aeriagames.com DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll Toolbar-Locked - (no file) Toolbar-10 - (no file) WebBrowser-{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - (no file) HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60 AddRemove-Steam App 203850 - c:\program files (x86)\Steam\steam.exe AddRemove-Steam App 218 - c:\program files (x86)\Steam\steam.exe AddRemove-Steam App 42680 - c:\program files (x86)\Steam\steam.exe AddRemove-Steam App 49520 - c:\program files (x86)\Steam\steam.exe AddRemove-Steam App 620 - c:\program files (x86)\Steam\steam.exe AddRemove-{5C13C5F3-6E30-449F-8872-DF8AC35AE285}_is1 - c:\users\Tim\Desktop\Server\CraftBukkit\unins000.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:fd,c3,2c,55,40,26,cd,01 . [HKEY_USERS\S-1-5-21-4287805056-2247546581-1725692130-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3FC2BD7C-0126-0A91-2FA0-4BC0C0E33C8E}*] @Allowed: (Read) (RestrictedCode) "haagjakcmljopilm"=hex:6a,61,68,65,61,6e,66,6b,69,66,6a,6a,6b,6d,6a,64,6b,69, 70,62,00,00 "iakcpopmhicpggocfj"=hex:63,61,64,65,69,6b,00,01 "iagfpcalmbepjipmak"=hex:6a,61,68,65,61,6e,66,6b,69,66,6a,6a,6b,6d,6a,64,6b,69, 70,62,00,00 "dbgfofcnfbjhknongkgnadgjokhcagflagolhehi"=hex:68,61,70,68,64,68,6b,68,6f,6a, 6b,6a,62,6d,6c,63,00,00 "jbgfofcnfbjhknongkgnheomchbmhpafjehdpccdpnbdmbmnicmb"=hex:68,61,70,68,64,68, 6b,68,6f,6a,6b,6a,62,6d,6c,63,00,00 "dbgfofcnfbjhknongkgnbedifkjjflpdcnlhocnc"=hex:62,61,61,65,00,00 . [HKEY_USERS\S-1-5-21-4287805056-2247546581-1725692130-1001\Software\SecuROM\License information*] "datasecu"=hex:7d,0c,ba,1a,9e,aa,68,00,91,36,9b,9f,72,c6,3d,f3,17,c9,cd,ad,29, 66,92,5e,94,1d,ed,45,05,41,7d,19,cd,f1,cf,6a,23,05,cb,f9,f8,48,61,c5,29,1a,\ "rkeysecu"=hex:da,2e,d9,d0,36,96,72,dd,ce,d1,f3,00,af,8b,ed,da . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\windows\SysWOW64\PnkBstrB.exe c:\program files (x86)\TeamViewer\TeamViewer_Service.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-05-11 13:14:18 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-05-11 11:14 . 
Vor Suchlauf: 27 Verzeichnis(se), 59.241.058.304 Bytes frei Nach Suchlauf: 34 Verzeichnis(se), 64.090.230.784 Bytes frei . - - End Of File - - BC36EF271DDE71A4DE77EBBA76822204 |
12.05.2015, 06:36 | #10 |
/// the machine /// TB-Ausbilder | Firewall can no longer be started, error code 0x8007042c Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
26.05.2015, 01:55 | #11 |
| Firewall can no longer be started, error code 0x8007042c Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 26.05.2015 Suchlauf-Zeit: 02:08:59 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.25.06 Rootkit Datenbank: v2015.05.24.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Tim Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 489951 Verstrichene Zeit: 29 Min, 59 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 12 PUP.Optional.Goobzo, HKLM\SOFTWARE\CLASSES\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}, In Quarantäne, [eceeadea7119e254b0b26afb40c6c63a], PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, In Quarantäne, [4e8c1483137775c1c7a4d00e877cbb45], PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}, In Quarantäne, [7268880faae01d190e5dae303ac9e917], PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ENGEBLOJHFEINGNJNFPICEOFLJNJPLDP, In Quarantäne, [d208a8ef5436c76f05e01dc1748fd030], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8217F88B-1E55-40E8-BA62-47713D36EB56}, In Quarantäne, [efebb5e2a8e2c37322996313ef1654ac], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D3F8D24-BA70-479E-863D-C41FBFF93799}, In Quarantäne, [17c310872b5f67cfc9f43d39768f24dc], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW 
RIGHTS\ELEVATIONPOLICY\{C7177BB1-9984-4004-98F3-2C9ABAB52865}, In Quarantäne, [9347583f90fa20167b41c3b31bea51af], PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, In Quarantäne, [79611186f2982c0ab3b8c21c18ebbb45], PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}, In Quarantäne, [eaf01a7d543677bf5e0d4c92b54e11ef], PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, In Quarantäne, [defcbed9a2e890a6f6a13fa2649f9070], PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ENGEBLOJHFEINGNJNFPICEOFLJNJPLDP, In Quarantäne, [4694d7c0bbcf3afc6185865842c1de22], PUP.Optional.Spigot.A, HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A}, In Quarantäne, [24b6eaadf8924ceaf98629b763a042be], Registrierungswerte: 16 PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&q={searchTerms}, In Quarantäne, [4e8c1483137775c1c7a4d00e877cbb45] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, hxxp://www.searchqu.com/suggest.php?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&qu={searchTerms}&ft=json, In Quarantäne, [607ac0d77e0cba7cd92094de5ca9f50b] PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}|URL, 
hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}, In Quarantäne, [7268880faae01d190e5dae303ac9e917] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}|SuggestionsURL_JSON, hxxp://www.searchqu.com/suggest.php?src=ieb&appid=109&systemid=431&qu={searchTerms}&ft=json, In Quarantäne, [73670f88c8c2fe38d722432f778e36ca] PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\engeblojhfeingnjnfpiceofljnjpldp|path, C:\Users\Tim\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx, In Quarantäne, [d208a8ef5436c76f05e01dc1748fd030] PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8217f88b-1e55-40e8-ba62-47713d36eb56}|AppName, Object Browser-bg.exe, In Quarantäne, [efebb5e2a8e2c37322996313ef1654ac] PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8d3f8d24-ba70-479e-863d-c41fbff93799}|AppName, Object Browser-codedownloader.exe, In Quarantäne, [17c310872b5f67cfc9f43d39768f24dc] PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c7177bb1-9984-4004-98f3-2c9abab52865}|AppName, Object Browser-buttonutil.exe, In Quarantäne, [9347583f90fa20167b41c3b31bea51af] PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&q={searchTerms}, In Quarantäne, [79611186f2982c0ab3b8c21c18ebbb45] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, 
hxxp://www.searchqu.com/suggest.php?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1454238500274019&qu={searchTerms}&ft=json, In Quarantäne, [99413760dbaf0630b742a1d1d530bf41] PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}|URL, hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}, In Quarantäne, [eaf01a7d543677bf5e0d4c92b54e11ef] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}|SuggestionsURL_JSON, hxxp://www.searchqu.com/suggest.php?src=ieb&appid=109&systemid=431&qu={searchTerms}&ft=json, In Quarantäne, [7d5d395e246647ef38c1abc75ea70ff1] PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050, In Quarantäne, [defcbed9a2e890a6f6a13fa2649f9070] PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\engeblojhfeingnjnfpiceofljnjpldp|path, C:\Users\Tim\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx, In Quarantäne, [4694d7c0bbcf3afc6185865842c1de22] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847&q={searchTerms}, In Quarantäne, [6e6c356281091d195610617cfd0627d9] PUP.Optional.Spigot.A, HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3A2BEB13-1BB8-40FD-A364-AAFE9BFBB29A}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}, In Quarantäne, 
[24b6eaadf8924ceaf98629b763a042be] Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 118 PUP.Optional.OpenCandy, C:\Users\Tim\AppData\Roaming\OpenCandy, In Quarantäne, [3aa084131c6ef93db654406b21e24eb2], PUP.Optional.OpenCandy, C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_FA07968F9B1F420D8932B03D802F0F65, In Quarantäne, [3aa084131c6ef93db654406b21e24eb2], PUP.Optional.Searchqu, C:\Program Files (x86)\Searchqu Toolbar, In Quarantäne, [86540097e2a8c57128eda60571929b65], PUP.Optional.RegCleanerPro.A, C:\Users\Mutter\AppData\Roaming\Systweak\RegClean Pro, In Quarantäne, [c5154e49494195a186f05853cc37e61a], PUP.Optional.RegCleanerPro.A, C:\Users\Mutter\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, In Quarantäne, [c5154e49494195a186f05853cc37e61a], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeExe, In Quarantäne, [03d792059eec64d2c0b3f1bb2ed57b85], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeExe\Dic-Eng, In Quarantäne, [03d792059eec64d2c0b3f1bb2ed57b85], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeExe\GuideFiles, In Quarantäne, [03d792059eec64d2c0b3f1bb2ed57b85], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient\Domain, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient\LocalDB, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient\Log, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient\SwUpdate, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.Visualbee, C:\Users\Tim\AppData\Local\VisualBeeClient\Temp, In Quarantäne, [33a75f386327b482294b5953ad56de22], PUP.Optional.CrossRider.A, C:\Users\Tim\AppData\Local\Google\Chrome\User 
PUP.Optional.WebsSearches.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://istart.webssearches.com/?type=hp&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847",), Ersetzt,[904a4b4c01893bfbcabd96d5cb3b31cf] Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 26/05/2015 um 02:58:24 # Aktualisiert 21/05/2015 von Xplode # Datenbank : 2015-05-25.3 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : Tim - TIM-PC # Gestarted von : C:\Users\Tim\Downloads\AdwCleaner_4.205.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : StumbleUponUpdater [#] Dienst Gelöscht : vToolbarUpdater11.0.2 ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\apn Ordner Gelöscht : C:\ProgramData\AVG Secure Search Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\SoftSafe Ordner Gelöscht : C:\ProgramData\StarApp Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\Program Files (x86)\Ask.com Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar Ordner Gelöscht : C:\Program Files (x86)\Uncompressor Ordner Gelöscht : C:\Program Files (x86)\vGrabber-software Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search Ordner Gelöscht : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4} Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} Ordner Gelöscht : C:\Program Files\Web Assistant Ordner Gelöscht : C:\Users\Mutter\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Mutter\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\Tim\AppData\Local\Conduit Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\Delta Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\Goobzo Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\StumbleUpon Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\Toolbar4 Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\eType Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\goforfiles Ordner Gelöscht : 
C:\Users\Tim\AppData\Roaming\NCdownloader Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uncompressor Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\invalidprefs.js Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\ChatZum.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\SearchTheWeb.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\webssearches.xml Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal ***** [ Geplante Tasks ] ***** Task Gelöscht : DealPlyUpdate Task Gelöscht : GoforFilesUpdate Task Gelöscht : 
SMupdate1 Task Gelöscht : VisualBeeRecovery Task Gelöscht : YTDownloaderUpd ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Mozilla Firefox.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Packard Bell - Security & Support\Contact.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Google Chrome\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\AppID\StumbleUpon.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1 Wert Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ASO3_JUMP_LIST Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP Schlüssel Gelöscht : HKCU\Software\5e2dedbe534e547 Schlüssel Gelöscht : HKLM\SOFTWARE\5e2dedbe534e547 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Schlüssel Gelöscht 
HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D} Schlüssel 
Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKCU\Software\APN Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar Schlüssel Gelöscht : 
HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\DSNR Labs Schlüssel Gelöscht : HKCU\Software\GOffers Schlüssel Gelöscht : HKCU\Software\GoforFiles Schlüssel Gelöscht : HKCU\Software\IGearSettings Schlüssel Gelöscht : HKCU\Software\ilivid Schlüssel Gelöscht : HKCU\Software\IM Schlüssel Gelöscht : HKCU\Software\ImInstaller Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\StartSearch Schlüssel Gelöscht : HKCU\Software\StumbleUpon Schlüssel Gelöscht : HKCU\Software\VIS Schlüssel Gelöscht : HKCU\Software\visualbee Schlüssel Gelöscht : HKCU\Software\YTDownloader Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\eType Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Object Browser Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SpecialSavings Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\StumbleUpon Schlüssel Gelöscht : HKLM\SOFTWARE\APN Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\ChatZum Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\GoforFiles Schlüssel Gelöscht : HKLM\SOFTWARE\iLividSRTB Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector Schlüssel Gelöscht : HKLM\SOFTWARE\VIS Schlüssel Gelöscht : HKLM\SOFTWARE\visualbee Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Secure Search Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\linkuryjs.info Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> Daten Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Internetbrowser ] ***** -\\ Internet Explorer v9.0.8112.16450 -\\ Mozilla Firefox v6.0.2 (de) [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "search.chatzum.com"); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com"); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Visibility", false); [95e71w6e.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_tabpage", "hxxp%3A//search.chatzum.com"); -\\ Google Chrome v43.0.2357.65 [C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://istart.webssearches.com/?type=hp&ts=1407806947&from=wld&uid=WDCXWD10EARS-22Y5B1_WD-WCAV5M94984749847 ************************* AdwCleaner[R0].txt - [40165 Bytes] - [26/05/2015 02:55:14] AdwCleaner[S0].txt - [38896 Bytes] - [26/05/2015 02:58:24] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [38956 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.8.0 (05.25.2015:1) OS: Windows 7 Home Premium x64 Ran by Tim on 26.05.2015 at 3:07:56,41 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4287805056-2247546581-1725692130-1001\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} ~~~ Files Successfully deleted: [File] C:\Users\Tim\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage Successfully deleted: [File] C:\Users\Tim\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal ~~~ Folders Successfully deleted: [Folder] C:\Users\Tim\appdata\local\crashrpt Successfully deleted: [Folder] C:\Users\Tim\appdata\local\cre Successfully deleted: [Folder] C:\Users\Tim\appdata\locallow\file2linktemplate Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin Successfully deleted: [Folder] C:\ProgramData\ccoNtiinuetosavey ~~~ FireFox Successfully deleted: [File] 
C:\user.js Successfully deleted the following from C:\Users\Tim\AppData\Roaming\mozilla\firefox\profiles\95e71w6e.default\prefs.js user_pref(browser.search.defaultengine, Privitize VPN); user_pref(id_chatzum.firstlaunch, 0); user_pref(id_chatzum.guid, %7B69A5BFFD-4410-1EEE-563C-56546139D9C9%7D); user_pref(id_chatzum.hiddenvisual, 0); user_pref(id_chatzum.openSearchEngineName, Google); user_pref(id_chatzum.searchengine, Google); user_pref(id_chatzum.variables.SVar1, %13); user_pref(id_chatzum.variables.SVar10, %13); user_pref(id_chatzum.variables.SVar2, %13); user_pref(id_chatzum.variables.SVar3, %13); user_pref(id_chatzum.variables.SVar4, %13); user_pref(id_chatzum.variables.SVar5, %13); user_pref(id_chatzum.variables.SVar6, %13); user_pref(id_chatzum.variables.SVar7, %13); user_pref(id_chatzum.variables.SVar8, %13); user_pref(id_chatzum.variables.SVar9, %13); user_pref(id_chatzum.variables.Var1, 0); user_pref(id_chatzum.variables.Var10, 0); user_pref(id_chatzum.variables.Var2, 0); user_pref(id_chatzum.variables.Var3, 0); user_pref(id_chatzum.variables.Var4, 0); user_pref(id_chatzum.variables.Var5, 0); user_pref(id_chatzum.variables.Var6, 0); user_pref(id_chatzum.variables.Var7, 0); user_pref(id_chatzum.variables.Var8, 0); user_pref(id_chatzum.variables.Var9, 0); user_pref(id_chatzum_installed_version, 1.0.19); user_pref(keyword.URL, hxxp://utils.chatzum.com/?url=); ~~~ Chrome [C:\Users\Tim\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Tim\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: kfgaibfbmkjgmimhbbaikfnpkkjkpoan pelmeidfhdlhlbjimpabfcbnnojbboma [C:\Users\Tim\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Tim\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ kfgaibfbmkjgmimhbbaikfnpkkjkpoan, pelmeidfhdlhlbjimpabfcbnnojbboma, pgifblbjgdjhcelbanblbhkhmbnnmhfg ] 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.05.2015 at 3:11:28,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Edited by Sinon (26.05.2015 at 02:12) |
26.05.2015, 02:16 | #12 |
| Firewall can no longer be started, error code 0x8007042c
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015 Ran by Tim (administrator) on TIM-PC on 26-05-2015 03:13:33 Running from C:\Users\Tim\Downloads Loaded Profiles: Tim (Available Profiles: Tim & Mutter) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] () HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) 
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation) HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Steam] => D:\Steam\steam.exe [2891968 2015-05-21] (Valve Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Software Suite SE] => C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2275360 2009-09-29] (Acer Incorporated) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony) HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-10-28] () HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2012-10-16] ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Tim\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4287805056-2247546581-1725692130-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-10] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation) Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4287805056-2247546581-1725692130-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 
{D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448 2011-08-26] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [326144 2011-08-26] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default FF DefaultSearchEngine: Yahoo! FF DefaultSearchUrl: FF SelectedSearchEngine: Yahoo! 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] () FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-10] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [2013-11-12] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> 
C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2013-06-29] (Nexon) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-28] (Pando Networks) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.) FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-18] (Sony Corporation) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-06-29] (Sony Network Entertainment International LLC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2013-07-16] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4287805056-2247546581-1725692130-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-28] (Pando Networks) FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\searchplugins\Startpins.xml [2012-10-17] FF Extension: Avira Browser Safety - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\abs@avira.com [2015-01-16] FF Extension: Amazon-Icon - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\amazon-icon@giga.de [2014-08-12] FF Extension: StumbleUpon - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\toolbar@stumbleupon.com [2012-05-14] FF Extension: QuickShare Widget - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\Extensions\{4ce84ad6-88cc-483b-871f-397ec28101aa} [2013-07-12] FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012-06-04] FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-03-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi [not found] FF Extension: No Name - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\95e71w6e.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [not found] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-30] CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-30] CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-30] CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-24] CHR Extension: (Google Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-30] CHR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-16] CHR Extension: (Bookmark Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR HKLM-x32\...\Chrome\Extension: [ndkkhdppcfchlghnlhifennhcadbnfld] - C:\Users\Tim\AppData\Local\Temp\ccex.crx [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. 
KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-11-05] (Creative Labs) [] S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [] S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-01] (EasyAntiCheat Ltd) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) 
[] S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-02] (Electronic Arts) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-12-27] () S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2013-12-27] () S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation) [] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-18] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG) R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-18] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S4 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [] S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2011-03-31] (C-Media Electronics Inc) S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X] S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-05-26 03:13 - 2015-05-26 03:13 - 00000000 ____D () C:\Users\Tim\Downloads\FRST-OlderVersion 2015-05-26 03:11 - 2015-05-26 03:11 - 00010377 _____ () C:\Users\Tim\Desktop\JRT.txt 2015-05-26 03:07 - 2015-05-26 03:07 - 02946703 _____ (Thisisu) C:\Users\Tim\Desktop\JRT.exe 2015-05-26 02:54 - 2015-05-26 02:58 - 00000000 ____D () C:\AdwCleaner 2015-05-26 02:53 - 2015-05-26 02:53 - 00030227 _____ () C:\Users\Tim\Desktop\mbam.txt 2015-05-26 02:50 - 2015-05-26 02:51 - 02222592 _____ () C:\Users\Tim\Downloads\AdwCleaner_4.205.exe 2015-05-22 14:10 - 2015-05-22 14:10 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\com.playsaurus.heroclicker 2015-05-18 21:20 - 2015-05-18 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter 2015-05-18 21:20 - 2015-05-18 21:20 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter 2015-05-18 21:19 - 2015-05-18 21:19 - 11354176 _____ (ManiacTools.com ) C:\Users\Tim\Downloads\m4a-to-mp3-83converter.exe 2015-05-16 18:10 - 2015-05-16 18:10 - 06628862 _____ () C:\Users\Tim\Downloads\FTB_Launcher.exe 2015-05-14 02:38 - 2015-05-14 02:38 - 01089027 _____ (pendrivelinux.com) C:\Users\Tim\Downloads\Universal-USB-Installer-1.9.6.0.exe 2015-05-14 01:12 - 2015-05-14 01:30 - 1525235712 _____ () C:\Users\Tim\Downloads\debian-live-8.0.0-i386-gnome-desktop.iso 2015-05-13 18:49 - 2015-05-13 18:56 - 00000000 ____D () C:\Users\Tim\Desktop\usb stick 2015-05-12 19:27 - 2015-05-12 19:27 - 00000218 _____ () C:\Users\Tim\.recently-used.xbel 2015-05-11 13:40 - 2015-05-11 13:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-05-11 13:14 - 2015-05-11 13:14 - 00028583 _____ () C:\ComboFix.txt 2015-05-10 17:55 - 2015-05-10 17:55 - 00985458 _____ () C:\Users\Tim\Downloads\aim_crashz_dust_1on1.zip 2015-05-08 19:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-05-08 19:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-05-08 19:20 - 2009-04-20 06:56 
- 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-05-08 19:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-05-08 19:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-05-08 19:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2015-05-08 19:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2015-05-08 19:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2015-05-08 18:59 - 2015-05-13 19:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-05-08 18:24 - 2015-05-11 13:14 - 00000000 ____D () C:\Qoobox 2015-05-08 18:23 - 2015-05-11 13:12 - 00000000 ____D () C:\Windows\erdnt 2015-05-08 18:22 - 2015-05-11 11:51 - 05623215 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe 2015-05-07 21:09 - 2015-05-07 21:12 - 00000000 ____D () C:\Users\Tim\Desktop\Wichtig 2015-05-07 18:58 - 2015-05-07 18:58 - 00302011 _____ () C:\Users\Tim\Downloads\WindowsUpdateDiagnostic.diagcab 2015-05-07 17:04 - 2015-05-07 17:04 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TIM-PC-Windows-7-Home-Premium-(64-bit).dat 2015-05-07 17:04 - 2015-05-07 17:04 - 00000000 ____D () C:\RegBackup 2015-05-07 17:03 - 2015-05-07 17:03 - 00003646 _____ () C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon 2015-05-07 17:03 - 2015-05-07 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2015-05-07 17:03 - 2015-05-07 17:03 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2015-05-07 17:01 - 2015-05-07 17:01 - 12849824 _____ () C:\Users\Tim\Downloads\tweaking.com_windows_repair_aio_setup.exe 2015-05-07 16:54 - 2015-05-07 16:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe 2015-05-07 16:53 - 2015-05-07 16:53 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Downloads\tdsskiller.exe 2015-05-07 16:00 - 2015-05-26 02:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware 
(portable) 2015-05-07 15:59 - 2015-05-07 16:50 - 00000000 ____D () C:\Users\Tim\Desktop\mbar 2015-05-07 15:58 - 2015-05-07 15:58 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe 2015-05-07 15:36 - 2015-05-07 15:36 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tim\Downloads\revosetup95.exe 2015-05-07 15:36 - 2015-05-07 15:36 - 00001240 _____ () C:\Users\Tim\Desktop\Revo Uninstaller.lnk 2015-05-07 15:36 - 2015-05-07 15:36 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-05-06 20:29 - 2015-05-06 20:29 - 00589320 _____ () C:\Windows\Minidump\050615-19718-01.dmp 2015-05-06 15:10 - 2015-05-06 15:11 - 00067845 _____ () C:\Users\Tim\Downloads\Addition.txt 2015-05-06 15:09 - 2015-05-26 03:13 - 02108928 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe 2015-05-06 15:09 - 2015-05-26 03:13 - 00026363 _____ () C:\Users\Tim\Downloads\FRST.txt 2015-05-06 15:09 - 2015-05-26 03:13 - 00000000 ____D () C:\FRST 2015-05-06 14:48 - 2015-05-06 14:51 - 162818840 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\msert.exe 2015-05-06 14:44 - 2015-05-06 14:44 - 01010176 _____ () C:\Users\Tim\Downloads\MicrosoftFixit50884.msi 2015-05-06 14:06 - 2015-05-06 14:06 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\ParadoxInteractive 2015-05-06 13:47 - 2015-05-06 13:53 - 00000000 ____D () C:\Users\Tim\Desktop\Privat Wichtig 2015-05-06 13:46 - 2015-05-06 13:46 - 00000000 ____D () C:\Users\Tim\Desktop\Zuhause wichtig 2015-05-02 16:05 - 2015-05-02 16:05 - 00453296 _____ () C:\Windows\Minidump\050215-16177-01.dmp 2015-05-02 15:29 - 2015-05-02 15:29 - 00000000 ____D () C:\Users\Tim\AppData\Local\GamersFirst LIVE! 
2015-05-02 15:25 - 2015-05-02 15:25 - 00603160 _____ () C:\Windows\Minidump\050215-14118-01.dmp 2015-05-02 15:04 - 2015-05-02 15:04 - 00000000 ____D () C:\Users\Tim\Documents\Respawn 2015-05-02 15:04 - 2011-06-11 00:15 - 05601616 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll 2015-05-02 15:04 - 2011-06-11 00:15 - 05574984 _____ (Microsoft Corporation) C:\Windows\system32\mfc100.dll 2015-05-02 15:04 - 2011-06-11 00:15 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll 2015-05-02 15:04 - 2011-06-11 00:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll 2015-05-02 15:04 - 2010-03-18 14:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2015-05-02 10:26 - 2015-05-02 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall 2015-05-02 04:45 - 2015-05-02 04:52 - 00000000 ____D () C:\Users\Tim\AppData\Local\Origin 2015-05-02 04:40 - 2015-05-02 04:45 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-05-02 04:40 - 2015-05-02 04:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-05-26 03:08 - 2011-09-23 23:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\PMB Files 2015-05-26 03:08 - 2011-08-26 16:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-26 03:08 - 2011-08-25 07:29 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Skype 2015-05-26 03:08 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-26 03:08 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-26 03:04 - 2012-06-22 17:31 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi 2015-05-26 03:03 - 2012-09-30 16:44 - 01142406 _____ () C:\Windows\WindowsUpdate.log 2015-05-26 03:01 - 2012-09-30 16:27 - 00195772 _____ () C:\Windows\setupact.log 2015-05-26 03:00 - 2013-08-16 22:02 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-26 03:00 - 2012-09-30 16:27 - 02289870 _____ () C:\Windows\PFRO.log 2015-05-26 03:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-26 02:58 - 2011-09-11 20:58 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-05-26 02:58 - 2011-09-01 10:21 - 00001144 _____ () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-05-26 02:58 - 2011-09-01 10:21 - 00000997 _____ () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-05-26 02:58 - 2011-08-26 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-26 02:58 - 2010-11-05 05:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support 2015-05-26 02:51 - 2014-11-01 15:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-26 02:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common 
Files\System 2015-05-26 02:40 - 2012-10-26 21:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-26 02:08 - 2014-11-01 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-26 02:08 - 2014-11-01 15:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-26 02:08 - 2013-12-06 19:32 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-26 02:08 - 2013-12-06 19:32 - 00001078 _____ () C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-26 02:03 - 2011-10-16 12:31 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TS3Client 2015-05-24 21:52 - 2012-03-31 17:51 - 00000000 ____D () C:\Users\Tim\Desktop\bilder 2015-05-22 14:03 - 2011-10-22 17:42 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-05-19 16:50 - 2013-05-10 17:04 - 00000000 ____D () C:\Users\Tim\Documents\Outlook-Dateien 2015-05-18 21:28 - 2012-04-20 21:54 - 00000000 ____D () C:\Users\Tim\Desktop\Meine musik 2015-05-18 01:54 - 2011-08-26 16:19 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-18 01:54 - 2011-08-26 16:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-18 01:54 - 2011-08-26 16:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-16 19:06 - 2014-08-09 22:34 - 00000000 ____D () C:\Users\Tim\AppData\Local\ftblauncher 2015-05-16 18:11 - 2013-05-19 18:57 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\ftblauncher 2015-05-12 19:28 - 2014-08-27 17:47 - 00000000 ____D () C:\Users\Tim\.gconfd 2015-05-12 19:27 - 2014-08-27 18:41 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\gedit 2015-05-12 19:27 - 2014-08-27 17:47 - 00000000 ____D () C:\Users\Tim\.gconf 2015-05-12 19:27 - 2011-08-25 00:23 - 00000000 ____D () C:\Users\Tim 2015-05-11 13:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-11 13:08 - 
2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-10 00:33 - 2010-11-05 05:09 - 00000000 ____D () C:\ProgramData\Adobe 2015-05-08 19:00 - 2011-08-25 07:31 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Adobe 2015-05-08 18:59 - 2011-09-28 16:09 - 00000000 ____D () C:\Users\Tim\AppData\Local\Adobe 2015-05-08 18:58 - 2010-11-05 05:09 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-05-07 21:06 - 2011-03-17 21:17 - 00697092 _____ () C:\Windows\system32\perfh007.dat 2015-05-07 21:06 - 2011-03-17 21:17 - 00150856 _____ () C:\Windows\system32\perfc007.dat 2015-05-07 21:06 - 2009-07-14 07:13 - 01653064 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-07 18:56 - 2012-09-30 17:38 - 00118664 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-07 18:52 - 2012-09-30 16:27 - 00430680 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-07 18:52 - 2010-11-05 05:04 - 00000000 ____D () C:\Program Files\Packard Bell 2015-05-07 15:54 - 2010-11-05 04:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-05-06 20:29 - 2015-04-05 06:12 - 434355716 _____ () C:\Windows\MEMORY.DMP 2015-05-06 20:29 - 2013-06-25 20:22 - 00000000 ____D () C:\Windows\Minidump 2015-05-06 15:36 - 2013-07-02 21:16 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\uTorrent 2015-05-06 14:06 - 2013-04-20 16:46 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-06 13:54 - 2012-09-04 17:58 - 00000000 ____D () C:\Users\Tim\Desktop\Spiele 2015-05-06 13:41 - 2014-01-20 20:40 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-05 20:56 - 2011-09-04 20:58 - 00000000 ____D () C:\Users\Tim\AppData\Local\CrashDumps 2015-05-05 14:03 - 2015-04-17 19:16 - 00000184 _____ () C:\Users\Tim\.packettracer 2015-05-05 13:55 - 2015-01-16 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-05-05 13:52 - 2015-01-16 15:05 - 00152744 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-05-05 13:52 - 2015-01-16 15:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-05-03 19:08 - 2013-03-11 16:31 - 00000000 ____D () C:\ProgramData\Origin 2015-05-02 16:10 - 2011-04-21 03:08 - 00000000 ____D () C:\ProgramData\Skype 2015-05-02 10:26 - 2011-10-09 11:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-05-02 09:44 - 2012-10-10 23:34 - 00382258 _____ () C:\Windows\DirectX.log 2015-05-02 04:45 - 2013-03-11 16:34 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Origin 2015-05-02 04:29 - 2012-10-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Kalypso Media 2015-05-02 04:26 - 2012-06-03 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst 2015-05-02 04:25 - 2011-12-18 15:05 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SoftGrid Client 2015-04-30 20:40 - 2012-10-26 21:00 - 00424288 _____ () C:\Windows\DPINST.LOG 2015-04-30 20:40 - 2012-09-06 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony ==================== Files in the root of some directories ======= 2012-11-17 17:51 - 2012-11-17 17:51 - 0579274 _____ () C:\Users\Tim\AppData\Roaming\technic-launcher.jar.bak 2013-02-25 21:00 - 2013-02-25 21:00 - 0000000 _____ () C:\Users\Tim\AppData\Roaming\technic-launcher.jar.temp 2012-05-19 14:05 - 2013-04-29 16:50 - 0000600 _____ () C:\Users\Tim\AppData\Roaming\winscp.rnd 2012-03-25 17:02 - 2012-03-25 17:02 - 0000091 _____ () C:\Users\Tim\AppData\Local\fusioncache.dat 2013-02-04 19:13 - 2013-02-04 19:13 - 0000036 _____ () C:\Users\Tim\AppData\Local\housecall.guid.cache 2012-06-03 15:00 - 2012-06-03 15:30 - 0000786 _____ () C:\Users\Tim\AppData\Local\PMB Files.聰an 2012-09-13 18:38 - 2014-07-07 18:09 - 0000600 _____ () C:\Users\Tim\AppData\Local\PUTTY.RND 2015-03-05 16:11 - 2015-03-19 18:07 - 0007599 _____ () C:\Users\Tim\AppData\Local\Resmon.ResmonCfg 2011-12-11 
11:20 - 2011-12-11 11:20 - 0000000 _____ () C:\Users\Tim\AppData\Local\{424F20BB-2050-451E-A65D-912DCA8D43CF} Some files in TEMP: ==================== C:\Users\Tim\AppData\Local\Temp\avgnt.exe C:\Users\Tim\AppData\Local\Temp\Quarantine.exe C:\Users\Tim\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 17:45 ==================== End of log ============================ |
26.05.2015, 19:02 | #13 |
/// the machine /// TB trainer | Firewall can no longer be started, error code 0x8007042c
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |