Pests of all kinds and how to fight them: redirect Virus Windows 7
Windows 7: If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
31.08.2015, 14:18 | #1 |
redirect Virus Windows 7
Hi, a new page from redirect keeps opening on my machine. At the same time, the page Seitensprungarea opens. I have already run FRST over it for the first time. Here are the log files.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von Filep (Administrator) auf FILEP-PC (31-08-2015 14:10:33)
Gestartet von C:\Users\Filep\Downloads
Geladene Profile: Filep (Verfügbare Profile: Filep & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Apple Inc.) F:\Programme\Program Files (x86)\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Word Explorer\Launch.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Bandoo Media, inc) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(MovieDea) C:\Program Files (x86)\MovieDea\MovieDea.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL2\KHALMNPR.exe
(Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coNatHstNF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => F:\Programme\Program Files (x86)\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UCam_Menu] => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
HKLM-x32\...\Run: [TotalMediaTVMonitor] => "C:\Program Files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-23] (Bitleader)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2009-10-19] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA)
HKLM-x32\...\Run: [DATAMNGR] => C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1546640 2011-06-01] (Bandoo Media, inc)
HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3184640 2015-06-03] (MovieDea)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183\n.ACHTUNG! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify Web Helper] => C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-24] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify] => C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-24] (Spotify Ltd)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Dropbox Update] => C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS211018-SHPD-FSD40014}] => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe /m
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-06-25]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-06-25]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49827;https=127.0.0.1:49827
Winsock: Catalog5 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{C2EBE2D5-7A37-4D2E-883C-3C7C966033DA}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DAB167F1-50C2-4BC8-A4BD-8510C13A125F}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://www.google.de/
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
URLSearchHook: HKLM-x32 - (Kein Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Keine Datei
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL =
SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll [2011-06-01] (Bandoo Media, inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-07-13] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: IEPlugin.BHO -> {2159cb25-ef9a-54c1-b43c-e30d1a4a8278} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll Keine Datei
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] ()
BHO-x32: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll [2011-06-01] (Bandoo Media, inc)
BHO-x32: DealPly -> {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation)
BHO-x32: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
BHO-x32: Kein Name -> {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Keine Datei
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-07-13] (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] ()
Toolbar: HKLM-x32 - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - Keine Datei
Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7

FireFox:
========
FF ProfilePath: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default
FF Homepage: about:home
FF NetworkProxy: "ftp", "proxyus.stealthy.co"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "proxyus.stealthy.co"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "proxyus.stealthy.co"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "proxyus.stealthy.co"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei] FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> F:\Programme\Program Files (x86)\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Keine Datei FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\searchplugins\safesearch.xml [2015-02-22] FF Extension: Stealthy - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\stealthyextension@gmail.com.xpi [2015-02-21] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-07-28] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-03-04] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2015-08-31] FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw [2015-08-31] FF HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: Kein Name - 
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [nicht gefunden] StartMenuInternet: FIREFOX.EXE - F:\Programme\Program Files (x86)\firefox.exe Chrome: ======= CHR Profile: C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-02-21] CHR Extension: (Norton Security Toolbar) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-12] CHR Extension: (Stealthy) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-06-13] CHR Extension: (eBay for Chrome) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2015-06-13] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-30] CHR Extension: (Audio EQ) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-06-13] CHR Extension: (Norton™ Family) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2015-08-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] CHR 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden> CHR HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [129440 2011-01-13] (Futuremark Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert] R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation) R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [364416 2015-08-21] (Symantec Corporation) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] S2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [314680 2015-08-21] (Symantec Corporation) S2 CLKMSVC10_9EC60124; "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X] S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation) S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [691712 2008-04-14] (DiBcom SA) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS [138488 2015-05-20] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS [2146040 2015-05-20] (Symantec Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) 
[Datei ist nicht signiert] S3 NvStUSB; C:\Windows\System32\DRIVERS\nvstusb.sys [63592 2010-06-07] () S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation) S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [243416 2015-08-19] (Symantec Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X] S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X] U2 SharedAccess; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-31 14:10 - 2015-08-31 14:10 - 00048004 _____ C:\Users\Filep\Downloads\FRST.txt 2015-08-31 14:10 - 2015-08-31 14:10 - 00000000 ____D C:\FRST 2015-08-31 14:09 - 2015-08-31 14:09 - 02188288 _____ (Farbar) C:\Users\Filep\Downloads\FRST64.exe 2015-08-31 14:09 - 2015-08-31 14:09 - 00000085 _____ C:\Windows\wininit.ini 2015-08-31 14:04 - 2015-08-31 14:04 - 00000791 _____ C:\Users\Filep\Desktop\[TV]Samsung LED46 - Verknüpfung.lnk 2015-08-31 13:59 - 2015-08-31 13:58 - 00000797 _____ C:\Windows\system32\Drivers\etc\hosts.20150831-135934.backup 2015-08-31 13:41 - 2015-08-31 14:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-08-31 13:41 - 2015-08-31 13:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2015-08-31 13:31 - 2015-08-31 13:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Filep\Downloads\spybot-2.4.exe 2015-08-31 13:18 - 2015-08-31 13:18 - 00000000 ____D C:\Users\Filep\AppData\Local\Microsoft Help 2015-08-22 18:50 - 2015-08-31 13:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Family 2015-08-22 18:49 - 2015-08-31 13:00 - 00000000 ____D C:\Windows\system32\Drivers\NSMx64 2015-08-22 18:49 - 2015-08-22 18:53 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2015-08-22 18:49 - 2015-08-22 18:49 - 01038368 _____ (Symantec Corporation) C:\Users\Filep\Downloads\NF_Installer.exe 2015-08-22 18:49 - 2015-08-22 18:49 - 00001227 _____ C:\Users\Filep\Desktop\Norton Installation Files.lnk 2015-08-22 18:49 - 2015-08-22 18:49 - 00000000 ____D C:\Program Files (x86)\Norton Family 2015-08-22 17:33 - 2015-08-22 17:33 - 00000000 ____D C:\games 2015-08-22 17:31 - 2015-08-31 13:13 - 00000000 ____D C:\Program Files (x86)\MovieDea 2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\PDFConvert 2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Convertor 2015-08-22 17:31 - 2015-08-22 17:31 - 00536412 _____ 
C:\Users\Filep\Downloads\Icy Tower.zip 2015-08-22 17:31 - 2015-08-22 17:31 - 00003768 _____ C:\Windows\System32\Tasks\Convertor 2015-08-22 17:31 - 2015-08-22 17:31 - 00003292 _____ C:\Windows\System32\Tasks\Winsta Update 2015-08-22 17:31 - 2015-08-22 17:31 - 00003236 _____ C:\Windows\System32\Tasks\WinKit 2015-08-22 17:31 - 2015-08-22 17:31 - 00002726 _____ C:\claraInstaller.txt 2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Winsta 2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MovieDea 2015-08-18 22:05 - 2015-08-16 12:15 - 1529124864 _____ C:\Users\Filep\Desktop\Heiratsantrag.MTS 2015-08-18 22:00 - 2015-08-18 22:03 - 105186437 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt neu.mp4 2015-08-18 21:55 - 2015-08-18 21:58 - 48992010 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt.mp4 2015-08-18 21:54 - 2015-08-18 21:54 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Digiarty 2015-08-18 21:53 - 2015-08-18 21:53 - 36396504 _____ (Digiarty Software, Inc. 
) C:\Users\Filep\Downloads\winx-hd-converter-deluxe.exe 2015-08-18 19:51 - 2015-08-18 19:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Movavi 2015-08-18 19:45 - 2015-08-31 13:26 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 15 2015-08-18 19:40 - 2015-08-18 19:40 - 39158440 _____ (Movavi) C:\Users\Filep\Downloads\MovaviVideoConverterSetupC.exe 2015-08-16 21:51 - 2015-08-16 21:51 - 00001646 _____ C:\Users\Public\Desktop\Aiseesoft AVCHD Video Converter.lnk 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\Documents\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio 2015-08-16 21:50 - 2015-08-16 21:50 - 24566856 _____ (Aiseesoft Studio ) C:\Users\Filep\Downloads\avchd-video-60converter.exe 2015-08-14 17:10 - 2015-08-14 17:10 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-12 16:53 - 2015-08-12 16:53 - 00000000 ____D C:\Users\Filep\AppData\Local\CEF 2015-08-11 16:59 - 2015-08-11 16:59 - 00160154 _____ C:\Users\Filep\Downloads\Ihr Besuch in Tripsdrill.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-31 13:54 - 2015-06-26 15:44 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job 2015-08-31 13:20 - 2011-03-06 01:37 - 00000344 _____ C:\Windows\lgfwup.ini 2015-08-31 13:20 - 2011-02-27 18:20 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate 2015-08-31 13:18 - 2011-03-16 01:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-31 13:16 - 2013-12-29 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-31 13:04 - 2009-07-14 19:58 - 00702980 _____ C:\Windows\system32\perfh007.dat 2015-08-31 13:04 - 2009-07-14 19:58 - 00150620 _____ C:\Windows\system32\perfc007.dat 2015-08-31 13:04 - 2009-07-14 07:13 - 01629334 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-31 13:02 - 2011-02-26 23:37 - 01282059 _____ C:\Windows\WindowsUpdate.log 2015-08-31 13:01 - 2015-04-20 20:50 - 00000000 ___RD C:\Users\Filep\iCloudDrive 2015-08-31 13:01 - 2015-02-21 10:19 - 00000000 ___RD C:\Users\Filep\Dropbox 2015-08-31 13:01 - 2015-02-17 20:37 - 00000000 ____D C:\Users\Filep\AppData\Local\Spotify 2015-08-31 13:01 - 2014-10-24 15:34 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Dropbox 2015-08-31 13:01 - 2013-12-31 18:27 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Spotify 2015-08-31 13:01 - 2011-03-16 01:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-31 13:00 - 2011-03-06 08:36 - 00405844 _____ C:\Windows\PFRO.log 2015-08-31 13:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-31 13:00 - 2009-07-14 06:51 - 00152607 _____ C:\Windows\setupact.log 2015-08-29 20:13 - 2011-03-16 01:36 - 00004106 _____ 
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-29 20:13 - 2011-03-16 01:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-29 19:00 - 2011-12-10 15:00 - 00000286 _____ C:\Windows\Tasks\RMSchedule.job 2015-08-29 15:54 - 2015-06-26 15:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job 2015-08-29 14:57 - 2014-08-10 14:23 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2015-08-29 14:57 - 2014-08-10 14:23 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2015-08-24 20:07 - 2011-12-10 20:00 - 00000418 _____ C:\Windows\SysWOW64\AppLog.log 2015-08-22 20:28 - 2011-12-10 15:00 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic 2015-08-22 18:49 - 2015-07-11 18:41 - 00000000 ____D C:\Users\Public\Downloads\Norton 2015-08-22 18:49 - 2013-11-09 19:10 - 03020800 ___SH C:\Users\Filep\Desktop\Thumbs.db 2015-08-21 16:34 - 2015-07-10 15:21 - 00002002 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-08-21 16:34 - 2013-11-23 19:50 - 00376272 _____ C:\Windows\DPINST.LOG 2015-08-21 16:34 - 2011-02-26 23:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-19 20:08 - 2011-03-06 07:24 - 00000000 ____D C:\Program Files (x86)\avmwlanstick 2015-08-18 19:51 - 2011-02-26 23:37 - 00000000 ____D C:\Users\Filep 2015-08-12 16:54 - 2014-04-06 19:13 - 00000000 ____D C:\Users\Filep\AppData\Local\Akamai ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-14 20:18 - 2015-03-14 20:19 - 4286798 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:19 - 0000326 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0385602 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS 2015-03-14 20:18 - 2015-04-26 17:46 - 0000220 _____ () 
C:\Users\Filep\AppData\Local\5D515C96_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0193463 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:18 - 0000250 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS.part 2013-05-04 12:08 - 2013-05-04 12:08 - 0000000 _____ () C:\ProgramData\as98213.txt 2012-07-21 10:34 - 2015-06-25 13:03 - 0015768 _____ () C:\ProgramData\hpzinstall.log 2015-08-18 19:45 - 2015-08-18 19:45 - 0000016 _____ () C:\ProgramData\mntemp 2013-05-04 12:08 - 2013-05-04 12:08 - 95023320 ____T () C:\ProgramData\otrheq.pad ZeroAccess: C:\$Recycle.Bin\S-1-5-21-1820486185-2003612580-2916385394-1000\$6c5270fbd1f095797ae707850c85a183 ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183 Einige Dateien in TEMP: ==================== C:\Users\Filep\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7zlp1z.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. LastRegBack: 2015-08-22 11:32 ==================== Ende von FRST.txt ============================
Thanks in advance. Regards, Alex |
31.08.2015, 14:21 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Hi,
you've got a ZeroAccess on the system... So please run Combofix now: Scan with Combofix
__________________ |
31.08.2015, 19:45 | #3 |
| redirect Virus Windows 7 Thanks for the quick reply.
There were no problems with Norton and no error message on restart. Code:
ATTFilter ComboFix 15-08-31.01 - Filep 31.08.2015 20:34:47.2.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16382.12441 [GMT 2:00] ausgeführt von:: c:\users\Filep\Downloads\ComboFix.exe AV: Norton Internet Security *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB} FW: Norton Internet Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0} SP: Norton Internet Security *Disabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\null.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys wurde wiederhergestellt . c:\windows\system32\drivers\afd.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys wurde wiederhergestellt . c:\windows\system32\drivers\ndis.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys wurde wiederhergestellt . c:\windows\system32\drivers\ndisuio.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_ca170d32fd7da822\ndisuio.sys wurde wiederhergestellt . c:\windows\system32\drivers\netbios.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_b5d6a9d184d05567\netbios.sys wurde wiederhergestellt . c:\windows\system32\drivers\usbehci.sys fehlte Kopie von - c:\windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_1a7606b53634947e\usbehci.sys wurde wiederhergestellt . 
c:\windows\system32\drivers\intelppm.sys fehlte Kopie von - c:\windows\winsxs\amd64_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_b93f4c460912265a\intelppm.sys wurde wiederhergestellt . c:\windows\system32\drivers\tcpip.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys wurde wiederhergestellt . c:\windows\system32\drivers\netbt.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys wurde wiederhergestellt . c:\windows\system32\drivers\asyncmac.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys wurde wiederhergestellt . c:\windows\system32\drivers\cdrom.sys fehlte Kopie von - c:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys wurde wiederhergestellt . c:\windows\system32\drivers\Serial.sys fehlte Kopie von - c:\windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys wurde wiederhergestellt . c:\windows\system32\drivers\ndproxy.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_6c066d50910ecf5a\ndproxy.sys wurde wiederhergestellt . c:\windows\system32\drivers\ws2ifsl.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys wurde wiederhergestellt . c:\windows\system32\drivers\i8042prt.sys fehlte Kopie von - c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys wurde wiederhergestellt . c:\windows\system32\drivers\tdx.sys fehlte Kopie von - c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys wurde wiederhergestellt . . 
((((((((((((((((((((((( Dateien erstellt von 2015-07-28 bis 2015-08-31 )))))))))))))))))))))))))))))) . . 2015-08-31 18:38 . 2015-08-31 18:38 -------- d-----w- c:\users\Gast\AppData\Local\temp 2015-08-31 18:38 . 2010-11-20 09:21 119296 ----a-w- c:\windows\SysWow64\drivers\tdx.sys 2015-08-31 18:38 . 2009-07-13 23:19 105472 ----a-w- c:\windows\SysWow64\drivers\i8042prt.sys 2015-08-31 18:38 . 2009-07-14 00:10 21504 ----a-w- c:\windows\SysWow64\drivers\ws2ifsl.sys 2015-08-31 18:38 . 2010-11-20 10:52 57856 ----a-w- c:\windows\SysWow64\drivers\ndproxy.sys 2015-08-31 18:38 . 2009-07-14 00:00 94208 ----a-w- c:\windows\SysWow64\drivers\Serial.sys 2015-08-31 18:38 . 2010-11-20 09:19 147456 ----a-w- c:\windows\SysWow64\drivers\cdrom.sys 2015-08-31 18:38 . 2009-07-14 00:10 23040 ----a-w- c:\windows\SysWow64\drivers\asyncmac.sys 2015-08-31 18:38 . 2010-11-20 09:23 261632 ----a-w- c:\windows\SysWow64\drivers\netbt.sys 2015-08-31 18:38 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\SysWow64\drivers\tcpip.sys 2015-08-31 18:38 . 2009-07-13 23:19 62464 ----a-w- c:\windows\SysWow64\drivers\intelppm.sys 2015-08-31 18:37 . 2011-03-29 03:32 52224 ----a-w- c:\windows\SysWow64\drivers\usbehci.sys 2015-08-31 18:37 . 2009-07-14 00:09 44544 ----a-w- c:\windows\SysWow64\drivers\netbios.sys 2015-08-31 18:37 . 2010-11-20 10:50 56832 ----a-w- c:\windows\SysWow64\drivers\ndisuio.sys 2015-08-31 18:37 . 2012-08-22 18:12 950128 ----a-w- c:\windows\SysWow64\drivers\ndis.sys 2015-08-31 18:37 . 2011-12-28 04:01 498176 ----a-w- c:\windows\SysWow64\drivers\afd.sys 2015-08-31 18:37 . 2009-07-13 23:19 6144 ----a-w- c:\windows\SysWow64\drivers\null.sys 2015-08-31 12:41 . 2015-08-31 12:42 -------- d-----w- C:\AdwCleaner 2015-08-31 12:32 . 2015-08-31 12:32 -------- d-----w- c:\users\Filep\AppData\Local\VirtualStore 2015-08-31 12:14 . 2015-08-31 12:14 -------- d-----w- c:\programdata\Malwarebytes 2015-08-31 12:10 . 2015-08-31 12:11 -------- d-----w- C:\FRST 2015-08-31 12:01 . 
2015-08-31 12:01 -------- d-----w- c:\users\Filep\AppData\Local\ElevatedDiagnostics 2015-08-31 11:41 . 2015-08-31 12:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2015-08-31 11:41 . 2015-08-31 12:29 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2015-08-31 11:18 . 2015-08-31 11:18 -------- d-----w- c:\users\Filep\AppData\Local\Microsoft Help 2015-08-22 16:49 . 2015-08-31 11:00 -------- d-----w- c:\windows\system32\drivers\NSMx64 2015-08-22 16:49 . 2015-08-22 16:49 -------- d-----w- c:\program files (x86)\Norton Family 2015-08-22 15:33 . 2015-08-22 15:33 -------- d-----w- C:\games 2015-08-18 19:54 . 2015-08-18 19:54 -------- d-----w- c:\users\Filep\AppData\Roaming\Digiarty 2015-08-18 17:51 . 2015-08-18 17:51 -------- d-----w- c:\users\Filep\.fontconfig 2015-08-18 17:51 . 2015-08-18 17:51 -------- d-----w- c:\users\Filep\AppData\Local\Movavi 2015-08-18 17:45 . 2015-08-18 17:45 -------- d-----w- c:\programdata\Movavi 2015-08-18 17:45 . 2015-08-18 17:45 -------- d-----w- c:\programdata\Movavi Video Converter 15 2015-08-16 19:51 . 2015-08-16 19:51 -------- d-----w- c:\users\Filep\AppData\Local\Aiseesoft Studio 2015-08-16 19:51 . 2015-08-16 19:51 -------- d-----w- c:\programdata\Aiseesoft Studio 2015-08-16 19:51 . 2015-08-16 19:51 -------- d-----w- c:\program files (x86)\Aiseesoft Studio 2015-08-12 14:53 . 2015-08-12 14:53 -------- d-----w- c:\users\Filep\AppData\Local\CEF . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-08-29 12:57 . 2014-08-10 12:23 111344 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2015-07-11 01:06 . 2015-07-26 15:07 576248 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\symnets.sys 2015-07-11 01:06 . 2015-07-26 15:07 24192 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\symelam.sys 2015-07-11 01:06 . 2015-07-26 15:07 297720 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\ironx64.sys 2015-07-11 01:06 . 
2015-07-26 15:07 1620720 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\symefasi64.sys 2015-07-11 01:06 . 2015-07-26 15:07 926448 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\srtsp64.sys 2015-07-11 01:06 . 2015-07-26 15:07 50936 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\srtspx64.sys 2015-07-11 01:06 . 2015-07-26 15:07 173808 ----a-w- c:\windows\system32\drivers\NISx64\1605020.00F\ccsetx64.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-08-31 2018360] "Spotify"="c:\users\Filep\AppData\Roaming\Spotify\Spotify.exe" [2015-08-31 7535672] "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2015-07-24 457088] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-04-22 2363392] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816] "iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-11-21 43816] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816] "Akamai NetSession Interface"="c:\users\Filep\AppData\Local\Akamai\netsession_win.exe" [2015-07-23 4691384] "Dropbox 
Update"="c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-26 134512] "GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-08-18 813896] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-23 27760] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-10-19 36864] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "GoPro Studio Importer"="c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe" [2015-07-02 3217672] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224] . 
c:\users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39179912] Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2014-1-24 14140416] OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2011-9-2 227712] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2015-7-2 3217672] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-3-14 1207312] NewShortcut5.lnk - c:\program files (x86)\Word Explorer\Launch.exe [2008-10-30 57344] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TampMon] @="Service" . 
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/06 00:35;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 EraserUtilDrv11310;EraserUtilDrv11310;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [x] R3 EraserUtilDrv11313;EraserUtilDrv11313;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [x] R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x] R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x] R3 Huawei;HUAWEI Mobile Connect - USB Smart Card 
Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x] R3 LVUVC64;QuickCam for Notebooks Pro(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x] R3 PVUSB;CESG502 64bit USB Driver;c:\windows\system32\DRIVERS\CESG64.sys;c:\windows\SYSNATIVE\DRIVERS\CESG64.sys [x] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x] R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Family;c:\windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS;c:\windows\SYSNATIVE\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [x] R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x] S0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [x] S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [x] S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\ccSetx64.sys [x] S1 ccSet_NSM;Norton Family Settings Manager;c:\windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSMx64\0304000.02B\ccSetx64.sys [x] S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [x] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1605020.00F\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1605020.00F\SYMNETS.SYS [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework 
Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x] S2 mitsijm2014;Autodesk Simulation Moldflow MITSI 2014 Job-Manager;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x] S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [x] S2 NSM;Norton Family;c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe;c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [x] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TampMon;Norton Family Tamper Monitoring;c:\program files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe;c:\program files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x] S3 nusb3hub;Renesas 
Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-04-22 12:09 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-08-21 15:13 993608 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 14:18] . 2015-08-31 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job - c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26 13:44] . 2015-08-31 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job - c:\users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26 13:44] . 2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-29 15:08] . 2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-29 15:08] . . 
--------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-23 27760] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-10-19 36864] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "GoPro Studio Importer"="c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe" [2015-07-02 3217672] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge: AeLookupSvc CertPropSvc SCPolicySvc lanmanserver gpsvc AudioSrv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr iphlpsvc msiscsi schedule SessionEnv winmgmt AppMgmt . Rebuilding ... You need to reboot your machine for this to take effect. . 
AppInfo browser EapHost hkmsvc IKEEXT MMCSS ProfSvc seclogon Themes wercplsupport BDESVC . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Word Explorer starten - c:\program files (x86)\Word Explorer\cnie5.htm IE: {{26231800-6CE9-43d8-9357-5B4DC8CF4561} - c:\program files (x86)\Word Explorer\cnie5.htm TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 FF - ProfilePath - c:\users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: network.proxy.ftp - proxyus.stealthy.co FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.http - proxyus.stealthy.co FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - proxyus.stealthy.co FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - proxyus.stealthy.co FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-10 - (no file) Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\steam.exe Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-TotalMediaTVMonitor - c:\program files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe Wow6432Node-HKLM-Run-CLMLServer - c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe Wow6432Node-HKU-Default-Run-Norton Download Manager{NIS211018-SHPD-FSD40014} - c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk - e:\dateien von system (c)\Biet-O-Matic\Biet-O-Matic.exe Toolbar-10 - (no file) HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe HKLM-Run-TotalMediaTVMonitor - c:\program files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe HKLM-Run-CLMLServer - c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe AddRemove-AMX Mod X Installer - c:\program files (x86)\AMX Mod X\uninst.exe AddRemove-AVMWLANCLI - c:\program files (x86)\avmwlanstick\instwcli.exe AddRemove-Biet-O-Matic v2.14.12 - c:\progra~2\Biet-O-Matic\UNWISE.EXE AddRemove-CrystalDiskInfo_is1 - c:\program files (x86)\CrystalDiskInfo\unins000.exe AddRemove-Free M4a to MP3 Converter_is1 - c:\program files (x86)\Free M4a to MP3 Converter\unins000.exe AddRemove-GoPro Studio - c:\program files (x86)\GoPro\GoPro Studio\uninst.exe AddRemove-HD Tune Pro_is1 - c:\program files (x86)\HD Tune Pro\unins000.exe AddRemove-HD Tune_is1 - c:\program files (x86)\HD Tune\unins000.exe AddRemove-HLSW_is1 - c:\program files (x86)\HLSW\unins000.exe 
AddRemove-IncrediMail_MediaBar_2 Toolbar - c:\program files (x86)\IncrediMail_MediaBar_2\uninstall.exe AddRemove-Lernstudio Italienisch_is1 - c:\program files (x86)\Lernstudio Italienisch\unins000.exe AddRemove-MagniDriver - c:\program files (x86)\Marvell\mv91xx\uninst-91xx.exe AddRemove-MP3-Sprachführer Italienisch_is1 - c:\program files (x86)\MP3-Sprachführer Italienisch\unins000.exe AddRemove-Steam - c:\program files (x86)\Steam\uninstall.exe AddRemove-Steam App 10 - c:\program files (x86)\Steam\steam.exe AddRemove-TeamSpeak 3 Client - c:\program files (x86)\TeamSpeak 3 Client\uninstall.exe AddRemove-Toolbar3_is1 - c:\program files (x86)\Deutsche Telekom\Toolbar3\unins000.exe AddRemove-Update Engine - c:\program files (x86)\Sony Mobile\Update Engine\uninst.exe AddRemove-VLC media player - c:\program files (x86)\VideoLAN\VLC\uninstall.exe AddRemove-Web & TV Stick - c:\program files (x86)\Web & TV Stick\uninst.exe AddRemove-{7E265513-8CDA-4631-B696-F40D983F3B07}_is1 - c:\program files\CDBurnerXP\unins001.exe AddRemove-{B0A4869D-5776-4D16-A88E-CD9B677747AC}_is1 - c:\program files (x86)\DJI Product\Lightbridge Assistant\unins000.exe AddRemove-{EDCE7221-F31F-407A-B348-30D011ED3126}_is1 - c:\program files (x86)\DJI Product\Phantom 2 Vision Assistant_3.8\unins000.exe AddRemove-{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1 - c:\program files (x86)\DJI Product\DJI driver2.02\unins000.exe AddRemove-UnityWebPlayer - c:\users\Filep\AppData\Local\Unity\WebPlayer\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15\diMaster.dll\" /prefetch:1" -- . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NSM] "ImagePath"="\"c:\program files (x86)\Norton Family\Engine\3.4.0.43\NF.exe\" /s \"NSM\" /m \"c:\program files (x86)\Norton Family\Engine\3.4.0.43\diMaster.dll\" /prefetch:1" "ImagePath"="\SystemRoot\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS" "TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\22.5.2.15;c:\program files (x86)\Norton Internet Security\Engine64\22.5.2.15" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}] @Denied: (A) (Administrators) @="Norton Family BHO" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}] @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B8E07826-0971-4f16-B133-047B88034E89}\InprocServer32] @="c:\\Program Files (x86)\\Norton Family\\Engine\\3.4.0.43\\coIEPlg.dll" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Google\Chrome\Extensions\napjheenlliimoedooldaalpjfidlidp] @Denied: (A) (Administrators) "path"="c:\\Program Files (x86)\\Norton Family\\Engine\\3.4.0.43\\Extensions\\Chrome.crx" "update_url"="https://clients2.google.com/service/update2/crx" "version"="3.4.0.43" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{B8E07826-0971-4f16-B133-047B88034E89}] @Denied: (A) (Administrators) "Compatibility Flags"=dword:00000400 . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\SymRdr\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}] @Denied: (A) (Administrators) "Level"=dword:00000002 "Service"="SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\avmwlanstick\WlanNetService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-08-31 20:42:36 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-08-31 18:42 . Vor Suchlauf: 11 Verzeichnis(se), 18.481.078.272 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 18.048.204.800 Bytes frei . - - End Of File - - 219DAD2ED4D80678C141441F488C942F A36C5E4F47E84449FF07ED3517B43A31 |
31.08.2015, 20:11 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Whoa, some system files were missing there. Did you restart the system? If not, please do that now, then continue with TDSSKiller: Please download TDSSKiller.exe and save the file to your desktop.
__________________ Please always post log files in CODE tags |
31.08.2015, 20:43 | #5 |
| redirect Virus Windows 7 The system restart was carried out automatically after it finished? I restarted once more and then started with TDSSKiller. Here is the result. Code:
ATTFilter 21:35:36.0154 0x10a0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 21:35:41.0716 0x10a0 ============================================================ 21:35:41.0716 0x10a0 Current date / time: 2015/08/31 21:35:41.0716 21:35:41.0716 0x10a0 SystemInfo: 21:35:41.0716 0x10a0 21:35:41.0716 0x10a0 OS Version: 6.1.7601 ServicePack: 1.0 21:35:41.0716 0x10a0 Product type: Workstation 21:35:41.0716 0x10a0 ComputerName: FILEP-PC 21:35:41.0716 0x10a0 UserName: Filep 21:35:41.0716 0x10a0 Windows directory: C:\Windows 21:35:41.0716 0x10a0 System windows directory: C:\Windows 21:35:41.0716 0x10a0 Running under WOW64 21:35:41.0716 0x10a0 Processor architecture: Intel x64 21:35:41.0717 0x10a0 Number of processors: 8 21:35:41.0717 0x10a0 Page size: 0x1000 21:35:41.0717 0x10a0 Boot type: Normal boot 21:35:41.0717 0x10a0 ============================================================ 21:35:43.0125 0x10a0 KLMD registered as C:\Windows\system32\drivers\30353827.sys 21:35:46.0342 0x10a0 System UUID: {69068F7C-F83C-2440-FE86-B379D74BC40C} 21:35:53.0913 0x10a0 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048 21:35:53.0913 0x10a0 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:35:53.0917 0x10a0 Drive \Device\Harddisk2\DR2 - Size: 0x3BA300000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:35:53.0921 0x10a0 ============================================================ 21:35:53.0921 0x10a0 \Device\Harddisk1\DR1: 21:35:53.0921 0x10a0 MBR partitions: 21:35:53.0921 0x10a0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 21:35:53.0922 0x10a0 \Device\Harddisk0\DR0: 21:35:53.0922 0x10a0 MBR partitions: 21:35:53.0922 0x10a0 
\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:35:53.0922 0x10a0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000 21:35:53.0922 0x10a0 \Device\Harddisk2\DR2: 21:35:53.0923 0x10a0 MBR partitions: 21:35:53.0923 0x10a0 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0 21:35:53.0923 0x10a0 ============================================================ 21:35:53.0924 0x10a0 C: <-> \Device\Harddisk0\DR0\Partition2 21:35:53.0936 0x10a0 F: <-> \Device\Harddisk1\DR1\Partition1 21:35:53.0937 0x10a0 ============================================================ 21:35:53.0937 0x10a0 Initialize success 21:35:53.0937 0x10a0 ============================================================ 21:36:37.0124 0x06dc ============================================================ 21:36:37.0124 0x06dc Scan started 21:36:37.0124 0x06dc Mode: Manual; SigCheck; TDLFS; 21:36:37.0124 0x06dc ============================================================ 21:36:37.0124 0x06dc KSN ping started 21:36:39.0505 0x06dc KSN ping finished: true 21:36:39.0660 0x06dc ================ Scan system memory ======================== 21:36:39.0660 0x06dc System memory - ok 21:36:39.0660 0x06dc ================ Scan services ============================= 21:36:39.0699 0x06dc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:36:39.0745 0x06dc 1394ohci - ok 21:36:39.0757 0x06dc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:36:39.0773 0x06dc ACPI - ok 21:36:39.0776 0x06dc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:36:39.0798 0x06dc AcpiPmi - ok 21:36:39.0806 0x06dc [ 013697369EAFFA675D0671607F036020, 
65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:36:39.0815 0x06dc AdobeARMservice - ok 21:36:39.0846 0x06dc [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:36:39.0862 0x06dc AdobeFlashPlayerUpdateSvc - ok 21:36:39.0876 0x06dc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 21:36:39.0897 0x06dc adp94xx - ok 21:36:39.0907 0x06dc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 21:36:39.0923 0x06dc adpahci - ok 21:36:39.0929 0x06dc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 21:36:39.0941 0x06dc adpu320 - ok 21:36:39.0947 0x06dc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:36:40.0006 0x06dc AeLookupSvc - ok 21:36:40.0020 0x06dc [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys 21:36:40.0044 0x06dc AFD - ok 21:36:40.0048 0x06dc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:36:40.0058 0x06dc agp440 - ok 21:36:40.0062 0x06dc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:36:40.0077 0x06dc ALG - ok 21:36:40.0080 0x06dc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide 
C:\Windows\system32\drivers\aliide.sys 21:36:40.0089 0x06dc aliide - ok 21:36:40.0092 0x06dc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 21:36:40.0101 0x06dc amdide - ok 21:36:40.0104 0x06dc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 21:36:40.0118 0x06dc AmdK8 - ok 21:36:40.0122 0x06dc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:36:40.0134 0x06dc AmdPPM - ok 21:36:40.0138 0x06dc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:36:40.0150 0x06dc amdsata - ok 21:36:40.0156 0x06dc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 21:36:40.0169 0x06dc amdsbs - ok 21:36:40.0173 0x06dc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:36:40.0181 0x06dc amdxata - ok 21:36:40.0185 0x06dc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 21:36:40.0248 0x06dc AppID - ok 21:36:40.0252 0x06dc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:36:40.0280 0x06dc AppIDSvc - ok 21:36:40.0284 0x06dc [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll 21:36:40.0307 0x06dc Appinfo - ok 21:36:40.0313 0x06dc [ 612CB66D93ED0F2F21BB109840C7D813, 
75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:36:40.0321 0x06dc Apple Mobile Device Service - ok 21:36:40.0328 0x06dc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 21:36:40.0342 0x06dc AppMgmt - ok 21:36:40.0347 0x06dc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 21:36:40.0360 0x06dc arc - ok 21:36:40.0364 0x06dc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 21:36:40.0376 0x06dc arcsas - ok 21:36:40.0379 0x06dc [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 21:36:40.0389 0x06dc AsIO - ok 21:36:40.0402 0x06dc [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:36:40.0415 0x06dc aspnet_state - ok 21:36:40.0418 0x06dc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:36:40.0443 0x06dc AsyncMac - ok 21:36:40.0446 0x06dc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:36:40.0455 0x06dc atapi - ok 21:36:40.0471 0x06dc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:36:40.0509 0x06dc AudioEndpointBuilder - ok 21:36:40.0525 0x06dc [ F23FEF6D569FCE88671949894A8BECF1, 
FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:36:40.0561 0x06dc AudioSrv - ok 21:36:40.0572 0x06dc [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe 21:36:40.0585 0x06dc AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 ) 21:36:42.0954 0x06dc Detect skipped due to KSN trusted 21:36:42.0954 0x06dc AVM WLAN Connection Service - ok 21:36:42.0960 0x06dc [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 21:36:42.0979 0x06dc avmeject - ok 21:36:42.0989 0x06dc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:36:43.0020 0x06dc AxInstSV - ok 21:36:43.0032 0x06dc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 21:36:43.0055 0x06dc b06bdrv - ok 21:36:43.0064 0x06dc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:36:43.0081 0x06dc b57nd60a - ok 21:36:43.0087 0x06dc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:36:43.0099 0x06dc BDESVC - ok 21:36:43.0102 0x06dc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:36:43.0126 0x06dc Beep - ok 21:36:43.0143 0x06dc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:36:43.0181 0x06dc BFE - ok 21:36:43.0219 0x06dc [ 
3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys 21:36:43.0255 0x06dc BHDrvx64 - ok 21:36:43.0277 0x06dc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 21:36:43.0318 0x06dc BITS - ok 21:36:43.0322 0x06dc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:36:43.0332 0x06dc blbdrive - ok 21:36:43.0344 0x06dc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:36:43.0359 0x06dc Bonjour Service - ok 21:36:43.0364 0x06dc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:36:43.0376 0x06dc bowser - ok 21:36:43.0379 0x06dc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:36:43.0399 0x06dc BrFiltLo - ok 21:36:43.0402 0x06dc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:36:43.0413 0x06dc BrFiltUp - ok 21:36:43.0417 0x06dc [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:36:43.0443 0x06dc BridgeMP - ok 21:36:43.0449 0x06dc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 21:36:43.0461 0x06dc Browser - ok 21:36:43.0470 0x06dc [ 43BEA8D483BF1870F018E2D02E06A5BD, 
[ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS 21:37:05.0286 0x06dc NAVENG - ok 21:37:05.0332 0x06dc [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS 21:37:05.0380 0x06dc NAVEX15 - ok 21:37:05.0404 0x06dc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 21:37:05.0433 0x06dc NDIS - ok 21:37:05.0437 0x06dc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:37:05.0461 0x06dc NdisCap - ok 21:37:05.0464 0x06dc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:37:05.0488 0x06dc NdisTapi - ok 21:37:05.0492 0x06dc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:37:05.0516 0x06dc Ndisuio - ok 21:37:05.0522 0x06dc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:37:05.0548 0x06dc NdisWan - ok 21:37:05.0552 0x06dc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:37:05.0576 0x06dc NDProxy - ok 21:37:05.0580 0x06dc [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 21:37:05.0584 0x06dc Net Driver HPZ12 - detected 
UnsignedFile.Multi.Generic ( 1 ) 21:37:07.0956 0x06dc Detect skipped due to KSN trusted 21:37:07.0956 0x06dc Net Driver HPZ12 - ok 21:37:07.0963 0x06dc [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 21:37:07.0972 0x06dc Netaapl - detected UnsignedFile.Multi.Generic ( 1 ) 21:37:10.0351 0x06dc Detect skipped due to KSN trusted 21:37:10.0351 0x06dc Netaapl - ok 21:37:10.0358 0x06dc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:37:10.0402 0x06dc NetBIOS - ok 21:37:10.0411 0x06dc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:37:10.0440 0x06dc NetBT - ok 21:37:10.0443 0x06dc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe 21:37:10.0453 0x06dc Netlogon - ok 21:37:10.0462 0x06dc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 21:37:10.0493 0x06dc Netman - ok 21:37:10.0504 0x06dc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:10.0518 0x06dc NetMsmqActivator - ok 21:37:10.0523 0x06dc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:10.0535 0x06dc NetPipeActivator - ok 21:37:10.0547 0x06dc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:37:10.0581 0x06dc netprofm - ok 21:37:10.0586 0x06dc [ 
5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:10.0598 0x06dc NetTcpActivator - ok 21:37:10.0603 0x06dc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:10.0615 0x06dc NetTcpPortSharing - ok 21:37:10.0670 0x06dc [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe 21:37:10.0739 0x06dc Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 ) 21:37:13.0111 0x06dc Detect skipped due to KSN trusted 21:37:13.0112 0x06dc Netzmanager Service - ok 21:37:13.0120 0x06dc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:37:13.0144 0x06dc nfrd960 - ok 21:37:13.0158 0x06dc [ F0A55A6DF23D7E9E16D81BE9867679D1, E245F45962A50EF4AED46AC097110E7C27508EC79328CC7F62CFB4A75765C659 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe 21:37:13.0174 0x06dc NIS - ok 21:37:13.0183 0x06dc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:37:13.0200 0x06dc NlaSvc - ok 21:37:13.0206 0x06dc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:37:13.0230 0x06dc Npfs - ok 21:37:13.0233 0x06dc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 21:37:13.0258 0x06dc nsi - ok 21:37:13.0261 0x06dc [ E7F5AE18AF4168178A642A9247C63001, 
133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:37:13.0285 0x06dc nsiproxy - ok 21:37:13.0296 0x06dc [ 26F6A31906BE7AFBEF4D81860F1EE51F, A0F0CD7E9E2B552CCE44CE238BB6DA2F0A97D142CDDB35E79E0624356055F334 ] NSM C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe 21:37:13.0310 0x06dc NSM - ok 21:37:13.0346 0x06dc [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:37:13.0390 0x06dc Ntfs - ok 21:37:13.0395 0x06dc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 21:37:13.0420 0x06dc Null - ok 21:37:13.0424 0x06dc [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 21:37:13.0433 0x06dc nusb3hub - ok 21:37:13.0439 0x06dc [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 21:37:13.0449 0x06dc nusb3xhc - ok 21:37:13.0454 0x06dc [ 857FB74754EBFF94EE3AD40788740916, FE4099D8F2E7967289BBC0802548C48D453A0BD0C44AAACCDB4C282ADBCC7BFE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 21:37:13.0464 0x06dc NVHDA - ok 21:37:13.0737 0x06dc [ 483DB4EFC499696298AED4C9DAEC2FEF, 7449F925AB7BE20105E03232C122C91C4F647B5B8C7FA09B5136C1A3E161AD61 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:37:13.0982 0x06dc nvlddmkm - ok 21:37:13.0998 0x06dc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:37:14.0010 0x06dc nvraid - ok 21:37:14.0016 0x06dc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:37:14.0029 0x06dc nvstor - ok 
21:37:14.0033 0x06dc [ C53C14B6C1B2E54849F4833A5956F718, 045835D4860DD49D933608719AD70B9BA0C55F385820ECABE5533CD04E6B65EF ] NvStUSB C:\Windows\system32\DRIVERS\nvstusb.sys 21:37:14.0043 0x06dc NvStUSB - ok 21:37:14.0067 0x06dc [ C7A7995692357A11900EFC8F8812CB2E, 5FA7DD8C546A35A7AE9F8F14A0D09C8B27B8306B871B599AC0D8AF3898C9D83F ] NVSvc C:\Windows\system32\nvvsvc.exe 21:37:14.0096 0x06dc NVSvc - ok 21:37:14.0101 0x06dc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:37:14.0113 0x06dc nv_agp - ok 21:37:14.0117 0x06dc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:37:14.0129 0x06dc ohci1394 - ok 21:37:14.0134 0x06dc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:37:14.0145 0x06dc ose - ok 21:37:14.0245 0x06dc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:37:14.0360 0x06dc osppsvc - ok 21:37:14.0378 0x06dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:37:14.0402 0x06dc p2pimsvc - ok 21:37:14.0415 0x06dc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 21:37:14.0439 0x06dc p2psvc - ok 21:37:14.0445 0x06dc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:37:14.0457 0x06dc Parport - ok 21:37:14.0461 0x06dc [ E9766131EEADE40A27DC27D2D68FBA9C, 
63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:37:14.0472 0x06dc partmgr - ok 21:37:14.0479 0x06dc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 21:37:14.0497 0x06dc PcaSvc - ok 21:37:14.0504 0x06dc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 21:37:14.0517 0x06dc pci - ok 21:37:14.0520 0x06dc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 21:37:14.0529 0x06dc pciide - ok 21:37:14.0535 0x06dc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:37:14.0549 0x06dc pcmcia - ok 21:37:14.0567 0x06dc [ 82EC1531BC74ADC34E0342C12958C55A, B2F97E4627FB4566F4837A18DACD0A94710DD9FA7596DCC16F9CD0B0A7C1D970 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe 21:37:14.0589 0x06dc PCToolsSSDMonitorSvc - ok 21:37:14.0594 0x06dc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 21:37:14.0603 0x06dc pcw - ok 21:37:14.0618 0x06dc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:37:14.0657 0x06dc PEAUTH - ok 21:37:14.0687 0x06dc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:37:14.0729 0x06dc PeerDistSvc - ok 21:37:14.0756 0x06dc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:37:14.0767 0x06dc 
PerfHost - ok 21:37:14.0802 0x06dc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 21:37:14.0858 0x06dc pla - ok 21:37:14.0870 0x06dc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:37:14.0890 0x06dc PlugPlay - ok 21:37:14.0895 0x06dc [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:37:14.0900 0x06dc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 21:37:17.0274 0x06dc Detect skipped due to KSN trusted 21:37:17.0274 0x06dc Pml Driver HPZ12 - ok 21:37:17.0281 0x06dc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:37:17.0306 0x06dc PNRPAutoReg - ok 21:37:17.0321 0x06dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:37:17.0342 0x06dc PNRPsvc - ok 21:37:17.0355 0x06dc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:37:17.0388 0x06dc PolicyAgent - ok 21:37:17.0396 0x06dc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 21:37:17.0423 0x06dc Power - ok 21:37:17.0428 0x06dc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:37:17.0453 0x06dc PptpMiniport - ok 21:37:17.0457 0x06dc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:37:17.0468 0x06dc Processor - ok 21:37:17.0475 
0x06dc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 21:37:17.0490 0x06dc ProfSvc - ok 21:37:17.0493 0x06dc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe 21:37:17.0503 0x06dc ProtectedStorage - ok 21:37:17.0508 0x06dc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:37:17.0533 0x06dc Psched - ok 21:37:17.0537 0x06dc [ CCE65976AAEB1DB4C3B98243B8AC448E, 996BC8CF7B5BFDA04D27FF0FCFEA8BA3C5623FDABFE96C9BE6503C6D3201D0AD ] PVUSB C:\Windows\system32\DRIVERS\CESG64.sys 21:37:17.0546 0x06dc PVUSB - ok 21:37:17.0579 0x06dc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:37:17.0619 0x06dc ql2300 - ok 21:37:17.0626 0x06dc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:37:17.0637 0x06dc ql40xx - ok 21:37:17.0644 0x06dc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:37:17.0663 0x06dc QWAVE - ok 21:37:17.0666 0x06dc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:37:17.0679 0x06dc QWAVEdrv - ok 21:37:17.0682 0x06dc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:37:17.0705 0x06dc RasAcd - ok 21:37:17.0709 0x06dc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 
21:37:17.0733 0x06dc RasAgileVpn - ok 21:37:17.0737 0x06dc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:37:17.0763 0x06dc RasAuto - ok 21:37:17.0768 0x06dc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:37:17.0793 0x06dc Rasl2tp - ok 21:37:17.0803 0x06dc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:37:17.0833 0x06dc RasMan - ok 21:37:17.0838 0x06dc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:37:17.0863 0x06dc RasPppoe - ok 21:37:17.0867 0x06dc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:37:17.0893 0x06dc RasSstp - ok 21:37:17.0902 0x06dc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:37:17.0931 0x06dc rdbss - ok 21:37:17.0935 0x06dc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:37:17.0946 0x06dc rdpbus - ok 21:37:17.0949 0x06dc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:37:17.0972 0x06dc RDPCDD - ok 21:37:17.0979 0x06dc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:37:17.0993 0x06dc RDPDR - ok 21:37:17.0996 0x06dc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD 
C:\Windows\system32\drivers\rdpencdd.sys 21:37:18.0019 0x06dc RDPENCDD - ok 21:37:18.0023 0x06dc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:37:18.0046 0x06dc RDPREFMP - ok 21:37:18.0053 0x06dc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:37:18.0068 0x06dc RDPWD - ok 21:37:18.0075 0x06dc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:37:18.0088 0x06dc rdyboost - ok 21:37:18.0092 0x06dc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:37:18.0118 0x06dc RemoteAccess - ok 21:37:18.0124 0x06dc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:37:18.0152 0x06dc RemoteRegistry - ok 21:37:18.0158 0x06dc [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:37:18.0173 0x06dc RFCOMM - ok 21:37:18.0177 0x06dc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:37:18.0203 0x06dc RpcEptMapper - ok 21:37:18.0206 0x06dc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:37:18.0216 0x06dc RpcLocator - ok 21:37:18.0228 0x06dc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 21:37:18.0261 0x06dc RpcSs - ok 21:37:18.0265 0x06dc [ DDC86E4F8E7456261E637E3552E804FF, 
D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:37:18.0290 0x06dc rspndr - ok 21:37:18.0297 0x06dc [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:37:18.0311 0x06dc RTL8167 - ok 21:37:18.0314 0x06dc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:37:18.0323 0x06dc s3cap - ok 21:37:18.0326 0x06dc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe 21:37:18.0336 0x06dc SamSs - ok 21:37:18.0340 0x06dc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:37:18.0351 0x06dc sbp2port - ok 21:37:18.0357 0x06dc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:37:18.0385 0x06dc SCardSvr - ok 21:37:18.0388 0x06dc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:37:18.0412 0x06dc scfilter - ok 21:37:18.0435 0x06dc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 21:37:18.0484 0x06dc Schedule - ok 21:37:18.0489 0x06dc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:37:18.0512 0x06dc SCPolicySvc - ok 21:37:18.0518 0x06dc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:37:18.0533 0x06dc SDRSVC - ok 21:37:18.0536 0x06dc [ 
3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:37:18.0560 0x06dc secdrv - ok 21:37:18.0563 0x06dc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 21:37:18.0588 0x06dc seclogon - ok 21:37:18.0592 0x06dc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 21:37:18.0618 0x06dc SENS - ok 21:37:18.0621 0x06dc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:37:18.0633 0x06dc SensrSvc - ok 21:37:18.0636 0x06dc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:37:18.0646 0x06dc Serenum - ok 21:37:18.0650 0x06dc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:37:18.0662 0x06dc Serial - ok 21:37:18.0665 0x06dc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 21:37:18.0675 0x06dc sermouse - ok 21:37:18.0683 0x06dc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:37:18.0709 0x06dc SessionEnv - ok 21:37:18.0712 0x06dc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:37:18.0724 0x06dc sffdisk - ok 21:37:18.0727 0x06dc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:37:18.0739 0x06dc 
sffp_mmc - ok 21:37:18.0742 0x06dc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:37:18.0754 0x06dc sffp_sd - ok 21:37:18.0757 0x06dc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 21:37:18.0767 0x06dc sfloppy - ok 21:37:18.0777 0x06dc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:37:18.0808 0x06dc SharedAccess - ok 21:37:18.0818 0x06dc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:37:18.0850 0x06dc ShellHWDetection - ok 21:37:18.0854 0x06dc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:37:18.0864 0x06dc SiSRaid2 - ok 21:37:18.0867 0x06dc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 21:37:18.0878 0x06dc SiSRaid4 - ok 21:37:18.0880 0x06dc SkypeUpdate - ok 21:37:18.0886 0x06dc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:37:18.0912 0x06dc Smb - ok 21:37:18.0917 0x06dc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:37:18.0928 0x06dc SNMPTRAP - ok 21:37:18.0935 0x06dc [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe 21:37:18.0945 0x06dc Sony PC Companion - ok 21:37:18.0948 0x06dc [ 
B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:37:18.0957 0x06dc spldr - ok 21:37:18.0970 0x06dc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:37:18.0992 0x06dc Spooler - ok 21:37:19.0065 0x06dc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:37:19.0168 0x06dc sppsvc - ok 21:37:19.0175 0x06dc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:37:19.0200 0x06dc sppuinotify - ok 21:37:19.0222 0x06dc [ 3361466E3C5353CAB7E978C236FADF3B, DEF6FD4EB35C4CA9E67843A324FF1A8D6A064CBC76FD3392E70BBAF85D9421BA ] SRTSP C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS 21:37:19.0246 0x06dc SRTSP - ok 21:37:19.0251 0x06dc [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS 21:37:19.0260 0x06dc SRTSPX - ok 21:37:19.0272 0x06dc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:37:19.0293 0x06dc srv - ok 21:37:19.0304 0x06dc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:37:19.0324 0x06dc srv2 - ok 21:37:19.0330 0x06dc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:37:19.0343 0x06dc srvnet - ok 21:37:19.0350 0x06dc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:37:19.0377 
|
31.08.2015, 20:43 | #6 |
| redirect Virus Windows 7 I had to post it in two parts. Here is the continuation. Code:
ATTFilter 21:37:39.0348 0x06dc Waiting for KSN requests completion. In queue: 12 21:37:40.0348 0x06dc Waiting for KSN requests completion. In queue: 12 21:37:41.0348 0x06dc Waiting for KSN requests completion. In queue: 12 21:37:42.0365 0x06dc AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated ) 21:37:42.0368 0x06dc FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled ) 21:37:44.0758 0x06dc ============================================================ 21:37:44.0758 0x06dc Scan finished 21:37:44.0758 0x06dc ============================================================ 21:37:44.0771 0x0e40 Detected object count: 0 21:37:44.0771 0x0e40 Actual detected object count: 0 |
01.09.2015, 08:02 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Remove adware/junkware/toolbars
Step 1: Malwarebytes Please download Malwarebytes Anti-Malware
(Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!)
Step 2: adwCleaner Please download AdwCleaner to your desktop.
Step 3: JRT - Junkware Removal Tool Please close your security software to avoid possible conflicts.
Step 4: Fresh log with FRST Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
01.09.2015, 14:55 | #8 |
| redirect Virus Windows 7 MBAM Logfile: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.09.2015 Suchlaufzeit: 15:22 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.01.03 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Filep Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 450359 Abgelaufene Zeit: 8 Min., 20 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 15:37:56
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Filep - FILEP-PC
# Gestartet von : C:\Users\Filep\Downloads\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

[!] Task Nicht Gelöscht : Oxy
[!] Task Nicht Gelöscht : RunAsStdUser Task
[!] Task Nicht Gelöscht : Windows Updater

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

*************************

:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [843 Bytes] ##########
JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by Filep on 01.09.2015 at 15:45:55,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

~~~ Folders

~~~ Chrome

[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Filep\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2015 at 15:48:40,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von Filep (Administrator) auf FILEP-PC (01-09-2015 15:51:13) Gestartet von C:\Users\Filep\Downloads Geladene Profile: Filep (Verfügbare Profile: Filep & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coNatHstNF.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Filep\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.) 
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => F:\Programme\Program Files (x86)\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-23] (Bitleader) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2009-10-19] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.) 
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dllACHTUNG! ====> ZeroAccess? HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify Web Helper] => C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-31] (Spotify Ltd) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify] => C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-08-31] (Spotify Ltd) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Dropbox Update] => C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-25] ShortcutTarget: Dropbox.lnk -> C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-06-25] ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-06-25] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448 2011-03-06] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [326144 2011-03-06] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{C2EBE2D5-7A37-4D2E-883C-3C7C966033DA}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{DAB167F1-50C2-4BC8-A4BD-8510C13A125F}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation) BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) 
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll Keine Datei BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation) BHO-x32: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Keine Datei BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) 
Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKLM-x32 - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FireFox: ======== FF ProfilePath: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default FF Homepage: about:home FF NetworkProxy: "ftp", "proxyus.stealthy.co" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "http", "proxyus.stealthy.co" FF NetworkProxy: "http_port", 
3128 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "proxyus.stealthy.co" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "proxyus.stealthy.co" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 0 FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei] FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dvstreaming.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> F:\Programme\Program Files (x86)\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Keine Datei FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC) FF Extension: Stealthy - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\stealthyextension@gmail.com.xpi [2015-02-21] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-03-04] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2015-09-01] FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw [2015-09-01] FF 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: Kein Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [nicht gefunden] StartMenuInternet: FIREFOX.EXE - F:\Programme\Program Files (x86)\firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Profile: C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-02-21] CHR Extension: (Norton Security Toolbar) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-12] CHR Extension: (Stealthy) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-06-13] CHR Extension: (eBay for Chrome) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2015-06-13] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-30] CHR Extension: (Audio EQ) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-06-13] CHR Extension: (Norton™ Family) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2015-08-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - 
https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [129440 2011-01-13] (Futuremark Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert] S2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert] R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation) R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [364416 2015-08-21] (Symantec Corporation) S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] R2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [314680 2015-08-21] (Symantec Corporation) S2 CLKMSVC10_9EC60124; "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X] S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X] S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () R3 AsyncMac; C:\Windows\SysWOW64\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation) R1 cdrom; C:\Windows\SysWOW64\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.) 
S3 i8042prt; C:\Windows\SysWOW64\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation) R3 intelppm; C:\Windows\SysWOW64\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [691712 2008-04-14] (DiBcom SA) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS [138488 2015-05-20] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS [2146040 2015-05-20] (Symantec Corporation) R0 NDIS; C:\Windows\SysWOW64\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation) R3 Ndisuio; C:\Windows\SysWOW64\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) R3 NDProxy; C:\Windows\SysWow64\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [Datei ist nicht signiert] R1 NetBIOS; C:\Windows\SysWOW64\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) R1 NetBT; C:\Windows\SysWOW64\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) R1 Null; C:\Windows\SysWow64\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) S3 NvStUSB; C:\Windows\System32\DRIVERS\nvstusb.sys [63592 2010-06-07] () S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation) S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [243416 2015-08-19] (Symantec Corporation) R0 Tcpip; C:\Windows\SysWOW64\drivers\tcpip.sys [1914248 2012-10-03] (Microsoft Corporation) S3 TCPIP6; C:\Windows\SysWOW64\DRIVERS\tcpip.sys [1914248 2012-10-03] (Microsoft Corporation) R1 tdx; C:\Windows\SysWOW64\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X] S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
NETSVCx32: AppInfo -> C:\Windows\SysWOW64\appinfo.dll ==> Keine Datei NETSVCx32: browser -> C:\Windows\SysWOW64\browser.dll ==> Keine Datei NETSVCx32: EapHost -> C:\Windows\SysWOW64\eapsvc.dll ==> Keine Datei NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> Keine Datei NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> Keine Datei NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> Keine Datei NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> Keine Datei NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> Keine Datei NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> Keine Datei NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> Keine Datei ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-01 15:50 - 2015-09-01 15:51 - 00000000 ____D C:\FRST 2015-09-01 15:49 - 2015-09-01 15:50 - 02188800 _____ (Farbar) C:\Users\Filep\Downloads\FRST64 (1).exe 2015-09-01 15:48 - 2015-09-01 15:48 - 00001450 _____ C:\Users\Filep\Desktop\JRT.txt 2015-09-01 15:45 - 2015-09-01 00:43 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Filep\Desktop\JRT.exe 2015-09-01 15:40 - 2015-09-01 15:40 - 00000921 _____ C:\Users\Filep\Desktop\AdwCleaner[C2].txt 2015-09-01 15:36 - 2015-09-01 15:37 - 00000000 ____D C:\AdwCleaner 2015-09-01 15:32 - 2015-09-01 15:32 - 00001198 _____ C:\Users\Filep\Desktop\mbam.txt 2015-09-01 15:20 - 2015-09-01 15:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Filep\Downloads\mbam-setup-2.1.8.1057 (1).exe 2015-08-31 21:35 - 2015-08-31 21:35 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Filep\Downloads\tdsskiller.exe 2015-08-31 20:38 - 2012-10-03 19:56 - 01914248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\tcpip.sys 2015-08-31 20:38 - 2010-11-20 12:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndproxy.sys 2015-08-31 20:38 - 2010-11-20 11:23 - 00261632 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\Drivers\netbt.sys 2015-08-31 20:38 - 2010-11-20 11:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\tdx.sys 2015-08-31 20:38 - 2010-11-20 11:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\cdrom.sys 2015-08-31 20:38 - 2009-07-14 02:10 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\asyncmac.sys 2015-08-31 20:38 - 2009-07-14 02:10 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ws2ifsl.sys 2015-08-31 20:38 - 2009-07-14 02:00 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\Serial.sys 2015-08-31 20:38 - 2009-07-14 01:19 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\i8042prt.sys 2015-08-31 20:38 - 2009-07-14 01:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\intelppm.sys 2015-08-31 20:37 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndis.sys 2015-08-31 20:37 - 2011-12-28 06:01 - 00498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afd.sys 2015-08-31 20:37 - 2011-03-29 05:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbehci.sys 2015-08-31 20:37 - 2010-11-20 12:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ndisuio.sys 2015-08-31 20:37 - 2009-07-14 02:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\netbios.sys 2015-08-31 20:37 - 2009-07-14 01:19 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\null.sys 2015-08-31 20:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-08-31 20:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-08-31 20:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-08-31 20:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-08-31 20:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-08-31 20:10 - 2000-08-31 
02:00 - 00098816 _____ C:\Windows\sed.exe 2015-08-31 20:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-08-31 20:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-08-31 20:05 - 2015-08-31 20:42 - 00000000 ____D C:\Qoobox 2015-08-31 20:05 - 2015-08-31 20:41 - 00000000 ____D C:\Windows\erdnt 2015-08-31 20:04 - 2015-08-31 20:04 - 05635666 ____R (Swearware) C:\Users\Filep\Downloads\ComboFix.exe 2015-08-31 14:56 - 2015-08-31 14:56 - 01798640 _____ (Malwarebytes Corporation) C:\Users\Filep\Downloads\JRT.exe 2015-08-31 14:39 - 2015-08-31 14:39 - 01618432 _____ C:\Users\Filep\Downloads\AdwCleaner_5.004.exe 2015-08-31 14:32 - 2015-08-31 14:32 - 00000000 ____D C:\Users\Filep\AppData\Local\VirtualStore 2015-08-31 14:13 - 2015-08-31 14:14 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Filep\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-31 14:10 - 2015-09-01 15:51 - 00037249 _____ C:\Users\Filep\Downloads\FRST.txt 2015-08-31 14:10 - 2015-08-31 14:27 - 00084511 _____ C:\Users\Filep\Downloads\Addition.txt 2015-08-31 14:09 - 2015-08-31 14:09 - 02188288 _____ (Farbar) C:\Users\Filep\Downloads\FRST64.exe 2015-08-31 13:59 - 2015-08-31 13:58 - 00000797 _____ C:\Windows\system32\Drivers\etc\hosts.20150831-135934.backup 2015-08-31 13:41 - 2015-08-31 14:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-08-31 13:41 - 2015-08-31 13:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2015-08-31 13:31 - 2015-08-31 13:31 - 46525608 _____ (Safer-Networking Ltd. 
) C:\Users\Filep\Downloads\spybot-2.4.exe 2015-08-31 13:18 - 2015-08-31 13:18 - 00000000 ____D C:\Users\Filep\AppData\Local\Microsoft Help 2015-08-22 18:50 - 2015-08-31 13:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Family 2015-08-22 18:49 - 2015-08-31 13:00 - 00000000 ____D C:\Windows\system32\Drivers\NSMx64 2015-08-22 18:49 - 2015-08-22 18:53 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2015-08-22 18:49 - 2015-08-22 18:49 - 01038368 _____ (Symantec Corporation) C:\Users\Filep\Downloads\NF_Installer.exe 2015-08-22 18:49 - 2015-08-22 18:49 - 00001227 _____ C:\Users\Filep\Desktop\Norton Installation Files.lnk 2015-08-22 18:49 - 2015-08-22 18:49 - 00000000 ____D C:\Program Files (x86)\Norton Family 2015-08-22 17:33 - 2015-08-22 17:33 - 00000000 ____D C:\games 2015-08-22 17:31 - 2015-08-22 17:31 - 00536412 _____ C:\Users\Filep\Downloads\Icy Tower.zip 2015-08-18 22:05 - 2015-08-16 12:15 - 1529124864 _____ C:\Users\Filep\Desktop\Heiratsantrag.MTS 2015-08-18 22:00 - 2015-08-18 22:03 - 105186437 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt neu.mp4 2015-08-18 21:55 - 2015-08-18 21:58 - 48992010 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt.mp4 2015-08-18 21:54 - 2015-08-18 21:54 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Digiarty 2015-08-18 21:53 - 2015-08-18 21:53 - 36396504 _____ (Digiarty Software, Inc. 
) C:\Users\Filep\Downloads\winx-hd-converter-deluxe.exe 2015-08-18 19:51 - 2015-08-18 19:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Movavi 2015-08-18 19:40 - 2015-08-18 19:40 - 39158440 _____ (Movavi) C:\Users\Filep\Downloads\MovaviVideoConverterSetupC.exe 2015-08-16 21:51 - 2015-08-16 21:51 - 00001646 _____ C:\Users\Public\Desktop\Aiseesoft AVCHD Video Converter.lnk 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\Documents\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio 2015-08-16 21:50 - 2015-08-16 21:50 - 24566856 _____ (Aiseesoft Studio ) C:\Users\Filep\Downloads\avchd-video-60converter.exe 2015-08-14 17:10 - 2015-08-14 17:10 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-12 16:53 - 2015-08-12 16:53 - 00000000 ____D C:\Users\Filep\AppData\Local\CEF 2015-08-11 16:59 - 2015-08-11 16:59 - 00160154 _____ C:\Users\Filep\Downloads\Ihr Besuch in Tripsdrill.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-01 15:46 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-01 15:46 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-01 15:44 - 2009-07-14 19:58 - 00702980 _____ C:\Windows\system32\perfh007.dat 2015-09-01 15:44 - 2009-07-14 19:58 - 00150620 _____ C:\Windows\system32\perfc007.dat 2015-09-01 15:44 - 2009-07-14 07:13 - 01629334 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-01 15:39 - 2015-04-20 20:50 - 00000000 ___RD C:\Users\Filep\iCloudDrive 2015-09-01 15:39 - 2015-02-21 10:19 - 00000000 ___RD C:\Users\Filep\Dropbox 2015-09-01 15:39 - 2015-02-17 20:37 - 00000000 ____D C:\Users\Filep\AppData\Local\Spotify 2015-09-01 15:39 - 2014-10-24 15:34 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Dropbox 2015-09-01 15:39 - 2013-12-31 18:27 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Spotify 2015-09-01 15:39 - 2011-03-16 01:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-01 15:39 - 2011-03-06 08:36 - 00647858 _____ C:\Windows\PFRO.log 2015-09-01 15:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-01 15:39 - 2009-07-14 06:51 - 00152999 _____ C:\Windows\setupact.log 2015-09-01 15:38 - 2011-02-26 23:37 - 01418028 _____ C:\Windows\WindowsUpdate.log 2015-09-01 15:18 - 2011-03-16 01:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-01 15:16 - 2013-12-29 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-01 15:16 - 2011-03-06 01:37 - 00000344 _____ C:\Windows\lgfwup.ini 2015-09-01 15:16 - 2011-02-27 18:20 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate 2015-09-01 14:54 - 2015-06-26 15:44 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job 2015-08-31 20:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 
2015-08-31 20:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-08-31 15:54 - 2015-06-26 15:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job 2015-08-31 14:42 - 2014-08-30 17:57 - 00001070 _____ C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2015-08-31 14:28 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC 2015-08-31 14:27 - 2013-11-09 19:10 - 03029504 ___SH C:\Users\Filep\Desktop\Thumbs.db 2015-08-31 14:25 - 2015-03-14 20:18 - 00000000 ____D C:\Users\Filep\AppData\Local\5D515C96_stp 2015-08-29 20:13 - 2011-03-16 01:36 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-29 20:13 - 2011-03-16 01:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-29 14:57 - 2014-08-10 14:23 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2015-08-29 14:57 - 2014-08-10 14:23 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2015-08-24 20:07 - 2011-12-10 20:00 - 00000418 _____ C:\Windows\SysWOW64\AppLog.log 2015-08-22 20:28 - 2011-12-10 15:00 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic 2015-08-22 18:49 - 2015-07-11 18:41 - 00000000 ____D C:\Users\Public\Downloads\Norton 2015-08-21 16:34 - 2015-07-10 15:21 - 00002002 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-08-21 16:34 - 2013-11-23 19:50 - 00376272 _____ C:\Windows\DPINST.LOG 2015-08-21 16:34 - 2011-02-26 23:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-19 20:08 - 2011-03-06 07:24 - 00000000 ____D C:\Program Files (x86)\avmwlanstick 2015-08-18 19:51 - 2011-02-26 23:37 - 00000000 ____D C:\Users\Filep 2015-08-12 16:54 - 2014-04-06 19:13 - 00000000 ____D C:\Users\Filep\AppData\Local\Akamai ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-14 20:18 - 2015-03-14 20:19 - 4286798 _____ () 
C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:19 - 0000326 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0385602 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS 2015-03-14 20:18 - 2015-04-26 17:46 - 0000220 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0193463 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:18 - 0000250 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS.part 2013-05-04 12:08 - 2013-05-04 12:08 - 0000000 _____ () C:\ProgramData\as98213.txt 2012-07-21 10:34 - 2015-06-25 13:03 - 0015768 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\Filep\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoe7q_c.dll C:\Users\Filep\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. LastRegBack: 2015-09-01 15:09 ==================== Ende von FRST.txt ========================== |
01.09.2015, 19:55 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Please read the adwCleaner instructions properly and follow them.
__________________ Please always post log files in CODE tags |
01.09.2015, 21:41 | #10 |
| redirect Virus Windows 7 I went through it again, following the instructions exactly.
- downloaded adwcleaner.
- had to disable Norton Auto-Protect.
- closed all browsers.
- started adwcleaner.
- ticked all 4 checkboxes.
- started the scan.
- no results found.
- clicked delete anyway.
- the PC was restarted.
- after the restart the following log file opened.
Code:
ATTFilter
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 22:36:25
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Filep - FILEP-PC
# Gestartet von : C:\Users\Filep\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

[!] Task Nicht Gelöscht : Oxy
[!] Task Nicht Gelöscht : RunAsStdUser Task
[!] Task Nicht Gelöscht : Windows Updater

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

*************************

:: Proxy Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [798 Bytes] ########## |
02.09.2015, 10:31 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Code:
ATTFilter
*************************

:: Proxy Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [798 Bytes] ##########
__________________ Please always post log files in CODE tags |
02.09.2015, 13:23 | #12 |
| redirect Virus Windows 7 No matter how often I run adwcleaner, every time it only reports that the proxy settings have been reset. At this point I have to add that I had already used adwcleaner once before I registered here. I first did an FRST scan and then ran adwcleaner. I followed the instructions there as well and ticked the 4 checkboxes. By the way, the redirect page at least no longer opens. Here is the first adwcleaner log as well. Code:
ATTFilter # AdwCleaner v5.004 - Bericht erstellt 31/08/2015 um 14:42:01 # Aktualisiert 26/08/2015 von Xplode # Datenbank : 2015-08-30.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (x64) # Benutzername : Filep - FILEP-PC # Gestarted von : C:\Users\Filep\Downloads\AdwCleaner_5.004.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Uniblue [-] Ordner Gelöscht : C:\ProgramData\apn [-] Ordner Gelöscht : C:\ProgramData\Babylon [-] Ordner Gelöscht : C:\ProgramData\Tarma Installer [#] Ordner Gelöscht : C:\ProgramData\mntemp [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [-] Ordner Gelöscht : C:\Users\Filep\AppData\Roaming\RHEng [-] Ordner Gelöscht : C:\Users\Filep\AppData\Roaming\winsta [-] Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\HPAppData [-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\DealPly ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\END [-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk [-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi [-] Datei Gelöscht : C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\searchplugins\safesearch.xml [-] Datei Gelöscht : C:\Windows\Sysnative\roboot64.exe ***** [ Verknüpfungen ] ***** [-] Verknüpfung Desinfiziert : C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Geplante Tasks ] ***** [!] Task Nicht Gelöscht : Oxy [!] Task Nicht Gelöscht : RunAsStdUser Task [!] 
Task Nicht Gelöscht : Windows Updater ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] [-] Schlüssel Gelöscht : HKCU\Software\53578c8db73fb849 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\53578c8db73fb849 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} [-] Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B} [!] 
Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872F3C0B-4462-424C-BB9F-74C6899B9F92} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID 
[{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{59C0C5BD-2579-433A-BBB8-AFFD59642BAF}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} [-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}] [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792} [-] Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IBUpdaterService [-] Schlüssel Gelöscht : 
HKCU\Software\Alexa Internet [-] Schlüssel Gelöscht : HKCU\Software\APN PIP [-] Schlüssel Gelöscht : HKCU\Software\Conduit [-] Schlüssel Gelöscht : HKCU\Software\Cr_Installer [-] Schlüssel Gelöscht : HKCU\Software\distromatic [-] Schlüssel Gelöscht : HKCU\Software\Escolade [-] Schlüssel Gelöscht : HKCU\Software\ilivid [-] Schlüssel Gelöscht : HKCU\Software\IM [-] Schlüssel Gelöscht : HKCU\Software\ImInstaller [-] Schlüssel Gelöscht : HKCU\Software\performersoft llc [-] Schlüssel Gelöscht : HKCU\Software\systweak [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar [-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Bandoo [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit [-] Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller [-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SearchquMediabarTb [-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Clara [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab FLV Player [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1 [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Alexa Internet [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN PIP [!] 
Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Cr_Installer [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\distromatic [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Escolade [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ilivid [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\IM [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ImInstaller [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\performersoft llc [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\systweak [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15043 Bytes] ########## |
02.09.2015, 13:49 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7 Okay, then control scans with MBAM and ESET, please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
02.09.2015, 19:28 | #14 |
| redirect Virus Windows 7 mbam Log Code:
ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.09.2015
Suchlaufzeit: 14:53
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.02.05
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Filep

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 450577
Abgelaufene Zeit: 8 Min., 21 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=884444ab15343342958a6407ad625575 # end=init # utc_time=2015-09-02 01:03:58 # local_time=2015-09-02 03:03:58 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 25565 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=884444ab15343342958a6407ad625575 # end=updated # utc_time=2015-09-02 01:11:10 # local_time=2015-09-02 03:11:10 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=884444ab15343342958a6407ad625575 # engine=25565 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-09-02 02:28:59 # local_time=2015-09-02 04:28:59 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Norton Internet Security' # compatibility_mode=3597 16777213 87 89 936057 203800724 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 178425 192833989 0 0 # scanned=386594 # found=142 # cleaned=0 # scan_time=4668 sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe.vir" sh=DBC8AD4693B91AB7916C242622B29C209F335CCA ft=1 fh=cdf9e87ab1c0297d vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe.vir" sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\Sysnative\roboot64.exe.vir" sh=0E7C7C3984E2F9C69296D89FC75C5507CFB45C24 ft=0 fh=0000000000000000 vn="Variante von Win32/Solimba.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Filep\Downloads\Icy Tower.zip" sh=2EC1D10BD0D4F71CCFD02BFD766986EC88C0B7FC ft=1 fh=ff28826a0bbfe168 vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\ProxySettings.dll" sh=B9C19D20B0D96E3D9C8E72ED0791C6FB2B77AAAD ft=1 fh=ff125595eb936734 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Communication.NamedPipe.dll" sh=637D3859E6B38DDB33914DBEB27A94D6A35CC3B2 ft=1 fh=8ac43ac923ce5482 vn="Variante von MSIL/Toolbar.Linkury.AC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.GUI.Docking.dll" sh=C2AB7694841EBD33388534F816BD5DB106477FFC ft=1 fh=045e6a88813d3bcc vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Infrastructure.Utilities.dll" sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\Smartbar.Resources.LanguageSettings.resources.dll" sh=2A202A2F429F4102BD3516F2C116925EEA12E7E1 ft=1 fh=b18d6bdb77076cb4 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spbe.dll" sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spbl.dll" sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\sppsm.dll" sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\spusm.dll" sh=F6C87DDAD471C76D3CC2D79EDDF405591C807BD0 ft=1 fh=f5edc0ac44f0273c vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\sreu.dll" sh=A80CE1722B00015806A72129AD99D6CD456BC430 ft=1 fh=a0739cbdc3e3df69 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC8CE.tmp-\srpu.dll" sh=C5FAF56605FD39E793236B914E13096861955C44 ft=0 fh=0000000000000000 vn="Win32/SubSeven.22 Trojaner" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$R9PCR48.0\cgi\setup.cgi" sh=DC5B77F5CC38F7EC9AF9C0ADE5254EF7CBB0F0EE ft=1 fh=1f98fff82a2cf428 vn="Win32/Adware.SaveNow Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\BSINSTALLDE.exe" sh=9EE0733642C8AF058949F842EB027707EB49F997 ft=1 fh=235bec411af72c00 vn="Variante von Win32/Adware.Kazaa.A Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\kmd.exe" sh=FECCED50B65B111CE659110154E1496B2B747627 ft=1 fh=ea201ae72b3ceb78 vn="Mehrere Bedrohungen" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\netpumper-1.23-setup.exe" sh=1DC7A5B73E687100CC54DA688E0035C6CF3265AD ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-592136732-1660084262-2273919341-1000\$RAD1PR4\Spiele\[PC GAME NO CD] Lord of the Rings Battle for Middle Earth.zip" sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe" sh=DBC8AD4693B91AB7916C242622B29C209F335CCA ft=1 fh=cdf9e87ab1c0297d vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe" sh=1CBFF3BADC71DF7CE2A39D6513F977BFC5E88D33 ft=1 fh=be5c08edcfbfb2a8 vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll" sh=1B914EB3AB94F1466EB595D38785F15E52DB848B ft=1 fh=8ac696ba96ab6d55 vn="Variante von Win32/Toolbar.SearchSuite.AC evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe" sh=D9661E7DF46F4FCB37E7D8C3E1BF74ED9332F66D ft=1 fh=e6b80258c992497f vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll" sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" sh=5618448E0195BA9251A1A0A5132CE2612037D630 ft=1 fh=ccf0f11a65c989b1 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll" sh=9069C1AE362702A5CFD0947D07C49791244CF7E1 ft=1 fh=b2a7890de2375dad vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll" sh=FEC329015A05713AF1099846DA6776DE31CF1C79 ft=1 fh=d0c5b0d7efa7296b vn="Variante von Win64/Toolbar.SearchSuite.A evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll" sh=CC3E4DF6F706D1DD3EEEF749169F25D791A9E137 ft=1 fh=8e73515f6fa99a5a vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll" sh=DD8D791EF618CF7E811163BD85712B508835F16B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\LPTInstaller.msi" sh=83B4FA6DB6962D7B2481EF59B5EE91FD58B63130 ft=1 fh=addb3552374cb86e vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\ProxySettings.dll" sh=A28076214311001A56B2E6106572C7D0BFE55B17 ft=1 fh=64ddbd5518bd4024 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll" sh=C61AB5CAAC9E4C1281A6CD28E94783B6C99CC0B5 ft=1 fh=67630488935d94ba vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll" sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll" sh=FFE23BDD6346E7C5D29C42177F20155CC9F46D54 ft=1 fh=7a155473475e5bcb vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\smia.exe" sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\smia64.exe" sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\sppsm.dll" sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\spusm.dll" sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srbs.dll" sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srbu.dll" sh=B25F19560EA6FB1C071141C1504B193CA65197F4 ft=1 fh=07207bd1a8646c50 vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\sreu.dll" sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srptc.dll" sh=EC57672B84D7BEA8A2C29BE3A5F036065A25247A ft=1 fh=486c15f1356944c1 vn="Variante von MSIL/Toolbar.Linkury.U evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srptm.exe" sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\srut.dll" sh=2F86D264D9A07A1B011581D5F601471DBDFFA6ED ft=1 fh=c477c8da445430eb vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdli.dll" sh=7E2E92CB1757B9C6C5A15F2A3580048BBFA14A1B ft=1 fh=153cd01bb662b989 vn="Variante von Win64/Toolbar.Linkury.B evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdli64.dll" sh=0E1FEB0F3AF55FDE12A93DC04ED7A5CA78DBC65F ft=1 fh=a72aac3d074632ae vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\crdlil.dll" sh=1FC6D13E860C374F82E7ED794D90F2FFF76BF452 ft=1 fh=6c14e3e167a49ab7 vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\ntdis_32.dll" sh=A41A407346118B661CEC513AD36A4482033251C6 ft=1 fh=13b93acb53fc915a vn="Variante von Win64/Toolbar.Linkury.A.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\LPT\Resources\ntdis_64.dll" sh=CF5AA05A6E333AA9885344A74206B0A4E75759EB ft=1 fh=7082011e713b1fc7 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Lrcnta.exe" sh=83B4FA6DB6962D7B2481EF59B5EE91FD58B63130 ft=1 fh=addb3552374cb86e vn="Variante von MSIL/Toolbar.Linkury.X evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\ProxySettings.dll" sh=A28076214311001A56B2E6106572C7D0BFE55B17 ft=1 fh=64ddbd5518bd4024 vn="Variante von MSIL/Toolbar.Linkury.W evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll" sh=6B39B0BB7D6BE0BC46B81B1709E062275ABD831F ft=1 fh=3251082e0b3613be vn="Variante von MSIL/Toolbar.Linkury.AC evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll" sh=4C685D9DCC2D144D70ED50B918660F8C86A71BAF ft=1 fh=c4739051513afd1d vn="Variante von MSIL/Toolbar.Linkury.I evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll" sh=24B15C15E9C1B13854A6C30CB9DE35B422AE6A4B ft=1 fh=11858545bf819d27 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll" sh=5B47B8E46C04FA3CE610CD1C583F2A77C8768BED ft=1 fh=b022a1896b0948ba vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll" sh=64E541FF22567CC88631E1B5B21DCE0A68A01436 ft=1 fh=2295c923ac6e9738 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll" sh=C61AB5CAAC9E4C1281A6CD28E94783B6C99CC0B5 ft=1 fh=67630488935d94ba vn="Variante von MSIL/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll" sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll" sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll" sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll" sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll" sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll" sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smia64.exe" sh=618D7CCD8FC26B9DD182002D94FDE0EC2412A339 ft=1 fh=6cae1c096c687eea vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smsp.dll" sh=7AB836645400B6C93597C98F01344925B26ECB34 ft=1 fh=ccaa2072c2336201 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smta.dll" sh=EB25F2FC448AACEAA3E5CB017E712369E42C9747 ft=1 fh=6f92e9d9af0788c8 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\smtu.dll" sh=202B30E1DE95B9E2326E84C56125C4332788EDA8 ft=1 fh=85a07bdf5b422be2 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spbe.dll" sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spbl.dll" sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\sppsm.dll" sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\spusm.dll" sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srbs.dll" sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srbu.dll" sh=B25F19560EA6FB1C071141C1504B193CA65197F4 ft=1 fh=07207bd1a8646c50 vn="Variante von MSIL/Toolbar.Linkury.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\sreu.dll" sh=F3EB186AE221978925BDF95B9EBD7110B7B29361 ft=1 fh=5ffd94704bbd93ac vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srpu.dll" sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\srut.dll" sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll" sh=352FEEF409CBE5A1E9E141FF3ED10973FDDE0BEF ft=1 fh=e46e9e7fffe02575 vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli.dll" sh=2F86D264D9A07A1B011581D5F601471DBDFFA6ED ft=1 fh=c477c8da445430eb vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli.dll.tmp" sh=20BEA6C3838A6722DD77645E7F7078E7FFDFC87B ft=1 fh=f7550168cf5bb87a vn="Variante von Win64/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli64.dll" sh=7E2E92CB1757B9C6C5A15F2A3580048BBFA14A1B ft=1 fh=153cd01bb662b989 vn="Variante von Win64/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdli64.dll.tmp" sh=D5F1695D5B190DC9C3349A2A7659B9E0780849A1 ft=1 fh=79fe5bc84778d475 vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdlil.dll" sh=0E1FEB0F3AF55FDE12A93DC04ED7A5CA78DBC65F ft=1 fh=a72aac3d074632ae vn="Variante von Win32/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Smartbar\Application\Resources\crdlil.dll.tmp" sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\62FA.tmp" sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\6B60.tmp" sh=4368ED4EFE437D5D313A3EB7794D9CC3114FA8C4 ft=1 fh=18e2fb87f85d379c vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\6B61.tmp" sh=AF2C51167C4DD2B3F085FF9F1BBDD02ECAE5F31A ft=1 fh=870976e227533f87 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\ICReinstall_nsi27EF.tmp" sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Kollegah_King_Downloader.exe" sh=AF2C51167C4DD2B3F085FF9F1BBDD02ECAE5F31A ft=1 fh=870976e227533f87 vn="Win32/InstallCore.PD evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\nsi27EF.tmp" sh=EE7646E9A9ECD2FA138A5EE732368D3785E060B2 ft=1 fh=a9e6d2fee3def72a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\IEHelper.dll" sh=730970F5946FBAD6B127C41A8C224AE2D2335F48 ft=1 fh=e3b7f7ac4b096ca3 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\MyBabylonTB.exe" sh=1B2983DD978DB886263B1740E4C7E0CA1CEF88C4 ft=1 fh=29f8994b325a4b60 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\7BAFF62F-BAB0-7891-9AC0-16D8993551F3\Setup.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus1322\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus164D\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus1F14\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus222\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus31B\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus36A1\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus5AB\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus5CE\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus65E2\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\bus96E5\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busCCF5\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busE510\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF1DC\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF22A\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF3D0\CrxUpdater_g.exe" sh=A5B2C42049A8340306CD976682585AAC803F3A89 ft=1 fh=6d4efb7db87b3c41 vn="Variante von Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF45D\fntupdtr.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busF833\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFB6E\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFC67\CrxUpdater_g.exe" sh=6E7676BD5E1CD79C644C93277DE0DE101D934EFE ft=1 fh=52028514d6af1101 vn="Win32/Toolbar.Babylon.AF evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\busFD22\CrxUpdater_g.exe" sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Download_85BD\Kollegah_King_Downloader.exe" sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Download_90AD\oxyinst.exe" sh=DED201AE02FB9EA3646489AFEDA49270C4620D9C ft=1 fh=c71c001196f8c3ac vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BExternal.dll" sh=EEFF60A396BED04892CA52676900D8587DDBF535 ft=1 fh=68bfd67c0e83835c vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BUSolForMontiera.dll" sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\BUSolution.dll" sh=8440A7218C16DEECD3F6DB6555C98815BA9D19EF ft=1 fh=7fd29e57d5490fe7 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\ccp.exe" sh=3B15680A3589647FF70A88674775D76A6091CA58 ft=1 fh=f4428b42dcd5e354 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\ChromeToolbarSetup.dll" sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\CrxInstaller.dll" sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\IEHelper.dll" sh=25EA5C7F4A48D166A2006CA37B936ECA340F58ED ft=1 fh=c71c0011e4611a52 vn="Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\MntrDLLInstall.dll" sh=63B9ACAA33978D6BA181B45C51DABE9FF76B50AA ft=1 fh=75ac944de1f3f413 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\F77E360A-BAB0-7891-8B18-CFA794399EFE\Latest\Setup.exe" sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\1884879_stp\icc.dll" sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\213134850_stp\icc.dll" sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\37137336_stp\icc.dll" sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\38338503_stp\icc.dll" sh=65F1F0D076FEC3A794F84FE5CB355E525054128E ft=1 fh=c3ad2ea4cdaf915e vn="Variante von Win32/InstallCore.YX evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\is45637729\91148_stp\icc.dll" sh=01D00CE61472B6D282E0C8BF083D4CA84012911E ft=1 fh=44e4d9936dac16a5 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\Kollegah KingDownload_886C\Kollegah_King_Downloader.exe" sh=8BBBF899968C13EBDD0D374BFC5A1226C2CCAA4E ft=1 fh=e3203141e68830b7 vn="Win32/Reporter.A evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\n7203\systemspeedup_1203-72c8223c.exe" sh=C90629835BF226820E3D665F4F994FDADBB6FA63 ft=1 fh=da0c0b9de52fd9f9 vn="Variante von Win32/ELEX.AL evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Local\Temp\n7203\webssearches_1006-0b8bb60b.exe" sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\ldrtbInc0.dll" sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\tbInc0.dll" sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. 
unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll" sh=5580BFC0B09834F6FC072B28C439D88178C5088F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\b454ca0-64ccdb6c" sh=16BF44BC4DE2C4D83E0143E923C18D32083D902C ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.JU Trojaner" ac=I fn="F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\5b5f436b-54caba76" sh=37CCAD86409E08816A4C00F1DBEA4604BA36D3A1 ft=1 fh=919a9505016e0e1e vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\OpenCandy\A339A08FA7CE4344A3DB859E49E61D05\DeltaTB.exe" sh=4F1EC034FA273DF15EBEF1E3FA66F819DB8A1943 ft=1 fh=752909aa377c6468 vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\OpenCandy\OpenCandy_D36338AD4BF74801A1078D7902416217\registrybooster(9).exe" sh=ED8CD814782D14B1C20A91EB1D78681F408D1328 ft=1 fh=e295b31a0ce14a28 vn="Variante von Win32/TrojanDropper.MsiDrop.A Trojaner" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\RHEng\6526CD65039B4A62BE3044475B568977\Installer.exe" sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\AppData\Roaming\systweak\ssd\SSDPTstub.exe" sh=B07E725C96415205EEB1DEC6D4A8E7AD82BA2880 ft=1 fh=3ac679bcc602ba76 vn="Variante von Win32/Toolbar.SearchSuite.J evtl. unerwünschte Anwendung" ac=I fn="F:\Programme\Users\Filep\Downloads\jZipSetup-r398-n-bc.exe" |
02.09.2015, 22:23 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | redirect Virus Windows 7
FRST-Fix
Please disable your virus scanner completely now, to make sure that the fix runs cleanly!
Press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document.
Code:
C:\Users\Filep\Downloads\Icy Tower.zip
C:\Windows\Installer\MSIC8CE.tmp-\
F:\Programme\Program Files (x86)\Uniblue
F:\Programme\Program Files (x86)\Windows iLivid Toolbar
F:\Programme\Users\Filep\AppData\Local\LPT\
F:\Programme\Users\Filep\AppData\Local\Smartbar
F:\Programme\Users\Filep\AppData\Local\Temp
F:\Programme\Users\Filep\AppData\LocalLow\IncrediMail_MediaBar_2
F:\Programme\Users\Filep\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
F:\Programme\Users\Filep\AppData\Roaming\OpenCandy
F:\Programme\Users\Filep\AppData\Roaming\RHEng
F:\Programme\Users\Filep\AppData\Roaming\systweak\ssd\SSDPTstub.exe
F:\Programme\Users\Filep\Downloads\jZipSetup-r398-n-bc.exe
EmptyTemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
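Added example (not from the thread, and not code from FRST or the scanner vendor): a parser for the sh=/vn=/fn= records of the scan log posted earlier, which separates trojan hits from "evtl. unerwünschte Anwendung" (PUA) hits and folds copies with the same hash into the folder that contains them, which is how the Fixlist above ends up targeting whole directories. The field meanings, the sample paths and the placeholder hashes are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from ntpath import commonpath, dirname  # Windows path rules on any OS

# Record layout as it appears in the log: sh= ft= fh= vn="..." ac= fn="...".
# Assumption: sh is a SHA-1 of the file, vn the detection name, fn the path.
RECORD = re.compile(
    r'sh=(?P<sh>[0-9A-Fa-f]{40})\s+ft=\d+\s+fh=[0-9A-Fa-f]+\s+'
    r'vn="(?P<vn>[^"]*)"\s+ac=\w+\s+fn="(?P<fn>[^"]*)"')
PUA_SUFFIX = "evtl. unerwünschte Anwendung"  # the log's marker for PUA hits

# Constructed sample: placeholder hashes, invented paths, one wrapped record.
SAMPLE = r'''
sh=<A> ft=1 fh=0000000000000001 vn="Win32/Toolbar.Babylon.AF evtl.
unerwünschte Anwendung" ac=I fn="C:\Users\example\AppData\Local\Temp\bus0001\CrxUpdater_g.exe"
sh=<A> ft=1 fh=0000000000000001 vn="Win32/Toolbar.Babylon.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\example\AppData\Local\Temp\bus0002\CrxUpdater_g.exe"
sh=<B> ft=1 fh=0000000000000002 vn="Variante von Win32/BundleInstaller.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\example\Downloads\constructed_setup.exe"
sh=<C> ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.JU Trojaner" ac=I fn="C:\Users\example\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\constructed-entry"
'''.replace("<A>", "A" * 40).replace("<B>", "B" * 40).replace("<C>", "C" * 40)

def parse(log):
    """Return (sha1, detection, path) per record, undoing line wraps in vn."""
    return [(m["sh"].upper(), " ".join(m["vn"].split()), m["fn"])
            for m in RECORD.finditer(log)]

def triage(log):
    """Separate malware from PUA hits and fold identical PUA copies together."""
    malware, copies = [], defaultdict(list)
    for sha1, detection, path in parse(log):
        if detection.endswith(PUA_SUFFIX):
            copies[sha1].append(path)
        else:
            malware.append((detection, path))   # review these individually
    # Same hash in many places: report the folder that holds every copy.
    pua_roots = {}
    for sha1, paths in copies.items():
        try:
            pua_roots[sha1] = commonpath(paths) if len(paths) > 1 else dirname(paths[0])
        except ValueError:                      # copies on different drives
            pua_roots[sha1] = sorted({dirname(p) for p in paths})
    return {"malware": malware, "pua_roots": pua_roots}

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

Review the reported folders by hand before putting any of them into a fixlist; a common parent such as a Temp directory can also hold files the user still needs.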